urlscan.io logo urlscan.io
SecurityTrails logo

xyupload.com Open in urlscan Pro
2606:4700:3031::6815:5998  Public Scan

Go To Rescan Add Verdict Report
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Submission: On August 26 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 29 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3031::6815:5998, located in United States and belongs to CLOUDFLARENET, US. The main domain is xyupload.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2021. Valid for: a year.
This is the only time xyupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:303... 13335 (CLOUDFLAR...)
5 139.45.197.15 9002 (RETN-AS)
4 9 173.192.101.24 36351 (SOFTLAYER)
2 109.206.162.83 50245 (SERVEREL-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::485 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.45.197.235 9002 (RETN-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 154.51.131.141 174 (COGENT-174)
1 2a00:1450:400... 15169 (GOOGLE)
5 94.31.29.128 6461 (ZAYO-6461)
2 2a00:1450:400... 15169 (GOOGLE)
3 139.45.197.239 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 3 46.249.52.248 50673 (SERVERIUS-AS)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2a0c:5c81:514... 55081 (24SHELLS)
2 139.45.197.188 9002 (RETN-AS)
1 1 104.19.136.78 13335 (CLOUDFLAR...)
5 104.19.134.78 13335 (CLOUDFLAR...)
1 108.168.193.183 36351 (SOFTLAYER)
4 4 216.52.2.30 29791 (VOXEL-DOT...)
2 2 35.186.253.211 15169 (GOOGLE)
3 62.149.0.72 15497 (COLOCALL ...)
2 2 185.33.221.88 29990 (ASN-APPNEX)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
83 29
12    2606:4700:3031::6815:5998 (United States)

ASN13335 (CLOUDFLARENET, US)
xyupload.com
5    139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)
in-page-push.com
9    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p336138.clksite.com
mybetterdl.com
clksite.com
2    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
mailwithcash.com
stagepopkek.com
4    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    139.45.197.235 (United Kingdom)

ASN9002 (RETN-AS, GB)
native.propellerclick.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    154.51.131.141 (United States)

ASN174 (COGENT-174, US)
tags.h12-media.com
bidder.h12-media.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p336138.mycdn.co
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
otrwaram.com
itgiblean.com
1    2606:4700:3036::6815:4b0b (United States)

ASN13335 (CLOUDFLARENET, US)
f.h12-media.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
1    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
5    104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com
xyuploadcom.imageshack.host
4    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
Domain Requested by
12 xyupload.com xyupload.com
static.cloudflareinsights.com
5 s-img.mgid.com bidder.h12-media.com
5 p336138.mycdn.co p336138.clksite.com
p336138.mycdn.co
clksite.com
5 cdnjs.cloudflare.com xyupload.com
5 mybetterdl.com xyupload.com
p336138.mycdn.co
5 in-page-push.com xyupload.com
in-page-push.com
4 ap.lijit.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 tags.h12-media.com xyupload.com
tags.h12-media.com
4 maxcdn.bootstrapcdn.com xyupload.com
maxcdn.bootstrapcdn.com
3 sync.adtelligent.com
3 mug.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net tags.h12-media.com
static.criteo.net
2 ib.adnxs.com 2 redirects
2 rtb.openx.net 2 redirects
2 static.cdnativepush.com in-page-push.com
2 bidder.h12-media.com tags.h12-media.com
2 ads.us.e-planning.net 1 redirects
2 otrwaram.com xyupload.com
2 ssl.google-analytics.com xyupload.com
2 clksite.com 2 redirects
2 fonts.googleapis.com xyupload.com
2 p336138.clksite.com 2 redirects
1 itgiblean.com
1 u-ams02.e-planning.net
1 xyuploadcom.imageshack.host
1 c.mgid.com 1 redirects
1 ghb.adtelligent.com tags.h12-media.com
1 bidder.criteo.com tags.h12-media.com
1 my.rtmark.net in-page-push.com
1 f.h12-media.com tags.h12-media.com
1 ajax.googleapis.com xyupload.com
1 static.cloudflareinsights.com xyupload.com
1 native.propellerclick.com xyupload.com
1 stagepopkek.com xyupload.com
1 cdn.jsdelivr.net xyupload.com
1 mailwithcash.com xyupload.com
83 38

This site contains links to these domains. Also see Links.

Domain
www.repaircontact.com
en.gravatar.com
hotarucms.org
sigmakom.com
vida.mk
www.intango.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-17 -
2022-04-16		 a year crt.sh
in-page-push.com
R3		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.mybetterdl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-26 -
2022-04-26		 a year crt.sh
mailwithcash.com
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
stagepopkek.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
propellerclick.com
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.h12-media.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-07 -
2021-09-18		 a year crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-10-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
otrwaram.com
R3		 2021-08-12 -
2021-11-10		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-10 -
2021-11-08		 3 months crt.sh
cdnativepush.com
R3		 2021-07-14 -
2021-10-12		 3 months crt.sh
*.imageshack.host
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-03		 a year crt.sh
*.e-planning.net
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
sync.adtelligent.com
R3		 2021-08-04 -
2021-11-02		 3 months crt.sh
itgiblean.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Frame ID: 1D1255173E8060CDA87CCF386B48C097
Requests: 57 HTTP requests in this frame

Frame: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A121%3A131a%3A%3A2%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22c40mak9n77g%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A11%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1859%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.66950037814192
Frame ID: 335CB63B219C4EBC418062C7B525030B
Requests: 15 HTTP requests in this frame

Frame: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Frame ID: 048F2CCAAE3D6D3217B7EE145ABA58C0
Requests: 6 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e8/b9/a6/1acd43555092c654facfaae8d0/032577902997.png
Frame ID: 92AEE91E4646EE1A7378F1E734B7B184
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=xyupload.com
Frame ID: 851ED8E8CAB9E1DB38B27E2FCA9C4BDF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Solved For QuickBooks 2021 Qbdbmgrn Not Running « xyupload.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

83
Requests

99 %
HTTPS

41 %
IPv6

29
Domains

38
Subdomains

29
IPs

6
Countries

1268 kB
Transfer

3376 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_2 HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=336138_739198_2
Request Chain 12
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Request Chain 33
  • https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5 HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
Request Chain 34
  • https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2 HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
Request Chain 52
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=cGp0o3xkNUkvc2U4STQ1ZUV2VTR5Wk5UY2VIOVRnZi9EcG5FOUtFbk5aSkpmU3ZhRzRhMy9KUGdXUWVFd1Y5ZzhzNlJVa05zWG03SnZaclV1SlcyeU16V0ZiVyt3K2YwUGt4MWFYVmVQUGlOWHdFZFEzR243S1NOR1piRExWVmcwa2UwZDNvRjhPTExQbFlPZmNWMTFhbEpZUTl5OHdhVVJzd2x0Y2hCTWJuT2Z6Vy9rZ2t6Yys4b1hpQlMwRmZQWlV2RG9xZ1B2SjZuNDBMSVhXd0VqKy9raGpyaGZiYzFXTm56SGtXRWZDZ21WWEZJPXw&cppv=2
Request Chain 53
  • https://ads.us.e-planning.net/pbjs/1/2d2a6/1/xyupload.com/ROS?rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&ccpa=1YNN&pubcid=e278ee45-7a3f-4d8a-807d-98373c689754 HTTP 302
  • https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&ccpa=1YNN&pubcid=e278ee45-7a3f-4d8a-807d-98373c689754
Request Chain 63
  • https://c.mgid.com/c?pv=2&v=0|0|0|Jxx3LXpELBrTWGgdkLhL4HM4zZuzATzMeTlm_5yPWUlQ6sKq1uSGjhryEDNHghqi&cid=1056819&f=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=28f2b537-0651-11ec-b31e-e4434b151302&psid=784581&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgzMzYxNjIvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YMlpoWTJWek9tRjFkRzhzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qRXRNREl2TVRBeE9USTBMelk0WmpNellXUXdZamhrTVRNME5UWXhZVFl3TURjeU5tRm1aRFUyT1RVekxtcHdady53ZWJwP3Y9MTYyOTk3MDYxOS04cEZOY3ZFaTdvLVJCZ2x5VjliWnIzN3dMTWs1UlZBMVFBcUZwR1FMYWRr HTTP 301
  • https://s-img.mgid.com/g/8336162/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzY4ZjMzYWQwYjhkMTM0NTYxYTYwMDcyNmFmZDU2OTUzLmpwZw.webp?v=1629970619-8pFNcvEi7o-RBglyV9bZr37wLMk5RVA1QAqFpGQLadk
Request Chain 72
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D49dc1a70272a5a9a%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D49dc1a70272a5a9a%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=49dc1a70272a5a9a&uid=108c46d0de3248ce0364fa46
Request Chain 73
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=93594267-628c-4596-a022-b0105d6c3416
Request Chain 74
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=108c46d0de3248ce0364fa46
Request Chain 75
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5952754274345941442
Request Chain 83
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=xyupload.com&sn=ChromeSyncframe&so=0&topUrl=xyupload.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GVoLLnxpZllHMnQ1TXdzRXFaNzRTRUsrMXhPM0xra051OFFrQWU4czRhYVJvenk5T1pteDNUaDBMcGc3cnRmUU5FeUhtSlpzOFJ0MElMNzk2Y2NyaGRPSHBXTnR1YXdjVll0WkVrbGJXRTBuVDR0dit1KzRIWXYzSlVpK0tKQUxad1VYRGUzUjd6UWlPVnM1VTRvL2RKb1hmaDRIU2NkVUw4ejJwUWJRNGdRTnNKOE82amNSQmJuMGNLMGRCMlRRempNRXZZZnorRzlsQ0NUZUE5blAvTEhydEJYZHI2R3I1UUZyWU9sK3BqaHR2RDc4PXw&cppv=2

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/ 		298 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
e96e522d23efaadcece9f0749c36d1c33cf370d711fd5f60af79615165966dd2

Request headers

:method
GET
:authority
xyupload.com
:scheme
https
:path
/solved-for-quickbooks-2021-qbdbmgrn-not-running/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-type
text/html; utf8_unicode_ci;charset=UTF-8
x-powered-by
PHP/5.3.3
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpufQFLwM0WT%2FSbfmcrW5M7%2FOb6hBQeLwZEl4lLMvkDU%2Frc7tJQ%2F1gAvI0FNpgqNkDCkSSEmAA6bBzvcZK%2ByKp4mL%2BPCAyclBGFGLUBO44b2bANRkqUSA05YjXV0atdtdqrhzXt7u0cpHpU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
684c1421790a6413-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
3680812
in-page-push.com/400/ 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/400/3680812
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2447faaf656f1cf3610063b878a28c4167029cc8082b185272399cf0c366e12e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id
19bffb934bdd9a94d036cb5782ac31c3
pragma
no-cache
date
Thu, 26 Aug 2021 09:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
  • https://mybetterdl.com/adServe/banners?tid=336138_739198_2
81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=336138_739198_2
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ebb2d6897ad7ea3a03467bb3613069fc78b9a7796ec8b570145e2481c61dc8ad

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=336138_739198_2
date
Thu, 26 Aug 2021 09:36:57 GMT
server
nginx
content-length
162
content-type
text/html
tghr.js
mailwithcash.com/aas/r45d/vki/1789854/ 		67 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mailwithcash.com/aas/r45d/vki/1789854/tghr.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3a414c2da79ba4ddd427fac0a5c5c5677bc4390ac160a9cac41f097585078a36

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 12:26:12 GMT
server
nginx
etag
W/"61029e64-10d3f"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
style.css
xyupload.com/content/themes/slightlyyellow/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/content/themes/slightlyyellow/css/style.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef311b836fc30fc9c7d6a0c75db64eafe1a0e572d315d1a41f6bd21821710acd

Request headers

:path
/content/themes/slightlyyellow/css/style.css
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132713
cf-polished
origSize=7524
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 24 Aug 2021 20:45:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QISuHiPXjkthMeWpV1WXGJCQEzvjbQL8%2BLggvq7paqITSiABz%2BFJzMyfM1wPNLCCgGs1Es5KBPX6hw8aPJImAAmFJxUm3QIRFlcD52mPOUWT%2BN0A9m0El6dk6ciVBoTemM%2BGq5R8BfAhxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
684c142619fe6413-FRA
cf-bgj
minify
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
13523699
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a9f1136dc57a7605179530d5ffb85493
cf-ray
684c142639e4dfef-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
13524043
cdn-cachedat
2021-03-11 11:59:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3635dc8c77fba3315be6707289c4e04d
cf-ray
684c142639e5dfef-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
summernote.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
196268
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1821
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fde-296a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmnZUdr82xZTIGpYLtJkiKt0mMEnyYNJnSXA%2Bhmw%2FWKT5sdIFloJmaQU9L0ONEynftpdpSTTgiEyObMFsgNWCCFL4Bzbj4jgw7Jh2mUwatrs88LT9Mv5AnwsjlhdjQhVsKz8wuUczO%2FJ%2B01dvKF%2FaaE7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
684c14262f154e2c-FRA
expires
Tue, 16 Aug 2022 09:36:57 GMT
summernote-bs3.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		108 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote-bs3.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10671167
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12311
cf-request-id
09a75dd52400002c3651aca000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fde-1af7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fk2KsGur%2Brw8hYPNq1GbJtMhtol%2Bla7p1yOHGwwqD6eSrgsFuj9F7tqNiZhSGmXSqTZ9vIQsifdS72qGkI3%2BD8gPJTa5jGhp6JqA1mDZcXInkm%2FJZeM3OzjmVrcmI1IXWg7FqdeUN8vGCpSMw2m%2F1Gl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
684c14262f164e2c-FRA
expires
Tue, 16 Aug 2022 09:36:57 GMT
animate.min.css
cdn.jsdelivr.net/animatecss/3.2.0/ 		56 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/animatecss/3.2.0/animate.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
34514
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4206
etag
W/"e088-Z3HZuX6HLe1CG5UU2FfQAcLxUuI"
x-served-by
cache-fra19129-FRA
date
Thu, 26 Aug 2021 09:36:57 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hotaru_css_1579520224.css
xyupload.com/cache/css_js_cache/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cache/css_js_cache/hotaru_css_1579520224.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a93a80a679bc28da6416099aa8d16eff66be8b91e7e7f00f0e5e732f2b7edd9

Request headers

:path
/cache/css_js_cache/hotaru_css_1579520224.css
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
494376
cf-polished
origSize=10651
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 20 Aug 2021 16:17:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmWN276CIduqcIOO7dDbLi2NFSpQgj5mUe%2BVCTX5eAh%2FoFk5ZEf3%2FddZr7ohmpNRc6k6veYsq6FAWpSDCC70K8s9FdGY%2BMo9qvjnsQ92%2F11EGfC1n6OYW3QlbsF8mJMmi6jAqWRPMqCq84w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
684c142619ff6413-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700,300
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 08:07:19 GMT
server
ESF
date
Thu, 26 Aug 2021 09:36:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 09:36:57 GMT
css
fonts.googleapis.com/ 		8 KB
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e449283936daf9239f7c939da9e17d0d1f5819b822224b876085d00618f19ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 09:32:11 GMT
server
ESF
date
Thu, 26 Aug 2021 09:36:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 09:36:57 GMT
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
  • https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
5874114bee209237069bd33429ad56be7297f1052ed106f1c82228ea63fd02e3

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
date
Thu, 26 Aug 2021 09:36:57 GMT
server
nginx
content-length
162
content-type
text/html
repaircontact99.jpg
xyupload.com/content/images/profile_images/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/profile_images/repaircontact99.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42a7e2b5f954cadaec0fc92752290a954b361abbd11b59c1798f4c9b8bd880d

Request headers

:path
/content/images/profile_images/repaircontact99.jpg
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
cf-cache-status
MISS
last-modified
Thu, 26 Aug 2021 09:36:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lp8ZeheLDaCTFSi1yT%2BzDDxX9AnlgvsI1ZhWher%2FWk%2BEyg5DbsZeXZnoO14u5xZOAVCfvy9mYD1WQTqu0egPUrhDHYa%2FS6dPppej4vR45PXok%2BcIYQMi9UiIiuxSXNvO12k1pdn7AhNyBTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
684c142c6a0b42e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49893
code.js
stagepopkek.com/lv/esnk/1832780/ 		108 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stagepopkek.com/lv/esnk/1832780/code.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cdbdd0d14cf9a00eb7193fa4c6d316dfd5c55d8af9034f56ae63fd9a33e4dbeb

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 15:35:01 GMT
server
nginx
etag
W/"61096225-1afc3"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
1
native.propellerclick.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://native.propellerclick.com/1?z=2871466
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
Vancouver_Small..._1622960841_0669.jpg
xyupload.com/content/images/post_images/ 		469 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/post_images/Vancouver_Small..._1622960841_0669.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
191ef96842ca54b0ed605ff77a6aca246738b714617ae3cd6a888585d9d192fe

Request headers

:path
/content/images/post_images/Vancouver_Small..._1622960841_0669.jpg
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BVogo%2Bd7wjJLIIhF2c1%2BbDyoUFplh1xXu69NpmymAjBuw5dSWgQrrbelwvvs%2FAEDswGNSB9g48NSfZHfTb47aZkV8crx7blW5XrdWRwYWBEWi59JmX4PuCdlOHoTmx3v0f10%2FvmQC95ueI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
684c142cbac142e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
xyupload.com/content/images/post_images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/post_images/Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd

Request headers

:path
/content/images/post_images/Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Aug 2021 21:21:23 GMT
server
cloudflare
age
44135
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk8w1Bde2mQ9Dc6Gfp3rucXZc4Y%2BZMUP33ALETZM59SV2%2BZuwxRXhV60EC69T6m2OJgUOP3CYTpTgpDbACPFHS4HLpygwB8h400yJZ%2FmWdXScNKJYqUiPd3Olfl88GsyIxNlx4UhEo1hetA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
684c142cbac342e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1804
Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
xyupload.com/content/images/post_images/ 		479 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712084b6cada1e9bdd79ccd4e7df7ec8001ee5d50fe5d87729ff24a6d439cdd6

Request headers

:path
/content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSyhVb5iSdUqpXabwtdN8HIyzO3LIPfUPTwzLGLqBUwPxm%2BaIxHqUB1dUKwiGn2%2BUCwsUcLCXg9E0de6NFVov1Uis%2FERU1KgIBJLLgJVQk9nTw3kAJ5F%2Fuz8l7%2ByrTaRzbvk74TFXg1A8hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
684c142cbac542e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		304 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

:path
/content/themes/slightlyyellow/images/hotarucms.png
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Aug 2021 21:21:23 GMT
server
cloudflare
age
44135
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyuyhvmbTGqvOadPiAKJuURl3utwuUCXu4gyqGXnmlnjCYYCAgVm0Vawl3StwRCdLzNXG9AZZliR2WbZyypgnlFcTGLYVbGQaWwUeNynZGpga%2FAF0q4CR%2BfxsKPXjPPJBB%2FE9vWwOObv9k8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
684c142cbac642e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
304
rocket-loader.min.js
xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 12:03:41 GMT
server
cloudflare
etag
W/"611e489d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7ffUApBShzIXgAHl3WXl61GuocilFnrbCuTKbYXnruF7yoIos6L%2FNeOPGxHxOn7SdDIEVvrOZT1RfsNtWE42TwRqN8ub354aSrV3LBTpeKZHHaXND9EHeLqjJ%2Bc2zLBIO28psiSlJFagFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
684c142cbac742e7-FRA
vary
Accept-Encoding
expires
Sat, 28 Aug 2021 09:36:58 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:41:27 GMT
server
cloudflare
etag
W/2021.5.3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
684c142ccf964303-FRA
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xyupload.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 00:36:48 GMT
x-content-type-options
nosniff
age
205210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 00:36:48 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://xyupload.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
10801278
cdn-cachedat
2021-04-23 10:04:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
56780
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
68bfe85d20fbb4f76e6acc798e571872
accept-ranges
bytes
cf-ray
684c142ccd924a8b-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v10/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v10/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xyupload.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 21:56:40 GMT
x-content-type-options
nosniff
age
214818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11720
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:00:00 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 21:56:40 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v10/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v10/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xyupload.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 22:32:43 GMT
x-content-type-options
nosniff
age
126255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12356
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:07:27 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 22:32:43 GMT
knockout.mapping.min.js
cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/knockout.mapping.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5896246
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3143
cf-request-id
0ac3f95cd400004a6210851000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-28fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLw3jkoGdKMvZNhgw56XvLM5tmlT9xUPsnc3OYssAFRW9YqLccmPTVjNx60yzwxglwCBRNhKmz0K%2BNH6g5KybnRUakVzAPwG6UfqPll6Y3vRk%2B5T2NdRajyPzbXyl5lAXcV1SgHp4A%2B7Y%2Bq6Zx8MrXV7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
684c142dbd9c3250-FRA
expires
Tue, 16 Aug 2022 09:36:58 GMT
knockout-min.js
cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/knockout-min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
47884
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17751
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-d371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxDIw7OjNNsMWxV%2FzYacRDHKALDfkA3NRK%2FnAJCnW6h%2BRiOTwbZHZgbnKvupaAyf8hKHtoTKBO8OIL3L3LS5kbdrg9lbyyiUdgTZU5FQCkepNScy19Ca2JC8FrOBhuqwqauRMQ0zE8SeB1lurNd7SB00"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
684c142dbd9f3250-FRA
expires
Tue, 16 Aug 2022 09:36:58 GMT
summernote.min.js
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4367070
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20127
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fde-120fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH%2Fzzi6JgMzdTbhaIqYqeBk20WY7E8VU4QQ7AN3TlP1zoASKPeloAxDiadcfJ3j%2BpdTBrEr2PIR78dv14OX82ZenkK1H8L56pqO%2BS3M%2BE7fQM1ztXioT%2FdZx0feK%2FbMbLfvO0AoeEk6Tg38EfhNFOKOh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
684c142dbd9e3250-FRA
expires
Tue, 16 Aug 2022 09:36:58 GMT
hotaru_js_1627555275.js
xyupload.com/cache/css_js_cache/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cache/css_js_cache/hotaru_js_1627555275.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16

Request headers

:path
/cache/css_js_cache/hotaru_js_1627555275.js
pragma
no-cache
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNw0umIJFE1M3%2BPSEg1%2FputXNPfr%2BhVfs9ek5HS5H0n4cmSZw6yJpB65dKCxJhoKhmZLX9abm6lzDPDas%2F0%2BZtA8fVuOkyDKBYBlqKj8ag0YQj4kTvcj%2FjezfDUbuvE2Mt6ozVEKrAZ%2BVb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, private
cf-ray
684c142dad0542e7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 718
age
13522208
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1d4be5fddad4a0a9241728c5f5457839
cf-ray
684c142db8bf4eda-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
load2.js
tags.h12-media.com/ 		244 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/load2.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
eb88b43b6cbbc83daac9dfc061d9c76e8d238444052928e7cd18dbfc2f441b9d

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
gzip
etag
"b358b0f43991d71:0"
last-modified
Sat, 14 Aug 2021 18:26:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
92371
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 13:03:46 GMT
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
  • https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
8896f6d0e5df6485d5dd588b66e262252e3c21aae011bc3ff81fca069c2337f2

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
date
Thu, 26 Aug 2021 09:36:58 GMT
server
nginx
content-length
178
content-type
text/html
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2
  • https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
096daaa6e54eacbd0caea86def174eb8b92786a1418513901c65a6e8877220bb

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
date
Thu, 26 Aug 2021 09:36:58 GMT
server
nginx
content-length
162
content-type
text/html
ipp_tag_95-5.js
p336138.mycdn.co/banners/script/ 		166 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Requested by
Host: p336138.clksite.com
URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4bbbf3a099825205a2c718ea7594e2039ee888e5677b7c774147ca5bc4007d38

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 13:32:59 GMT
server
NetDNA-cache/2.2
etag
W/"5e2ee68b-299b5"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Sun, 21 Aug 2022 09:36:58 GMT
rhpop_80.2-1.js
p336138.mycdn.co/script/ 		174 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/script/rhpop_80.2-1.js
Requested by
Host: p336138.clksite.com
URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2b75b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Sun, 21 Aug 2022 09:36:58 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2983
date
Thu, 26 Aug 2021 08:47:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 26 Aug 2021 10:47:15 GMT
apu.php
otrwaram.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://otrwaram.com/apu.php?zoneid=1469020&oo=1
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7d255ac47fb5f5d27f7540f44fd9fc797e1ed819efdcbb0e64db61745c54aacd
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
86400
x-trace-id
5353136c5d6d72ec0b71afcfd72f640c
pragma
no-cache
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://xyupload.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
otrwaram.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otrwaram.com/tag.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b5f41b9101cd10b5d8f1b83031091e75b4a99b0302df343ec7210166c0e6583b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
20202
x-trace-id
b4797ebddd862953f19f5eaefedacedb
pragma
no-cache
last-modified
Wed, 25 Aug 2021 08:56:07 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
rum
xyupload.com/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cdn-cgi/rum?req_id=684c1421790a6413
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://xyupload.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
PHPSESSID=5rj6tj8ts6dhepea7qdmbu1ft7; rhid_c=0
content-length
1348
:path
/cdn-cgi/rum?req_id=684c1421790a6413
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://xyupload.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
684c142e0e2b42e7-FRA
vary
Origin
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=22002913&utmhn=xyupload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Solved%20For%20QuickBooks%202021%20Qbdbmgrn%20Not%20Running%20%C2%AB%20xyupload.com&utmhid=1517072540&utmr=-&utmp=%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&utmht=1629970618599&utmac=UA-15566844-1&utmcc=__utma%3D188522913.801327305.1629970619.1629970619.1629970619.1%3B%2B__utmz%3D188522913.1629970619.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=727550395&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
f.h12-media.com/ 		29 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.h12-media.com/
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/load2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
b10b787152b8b545d6c5d11d810a10c19a03a4fde8b96a2bfe010a809032c6e8

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfLnOCZfuvIfqIOa6jJE5vEVhJu5YzrubT0ByJ1xAdAw%2BKCmxPxDbCJAvFcdrEKbZzFpjZJh9UPFAPJf%2FXDk7ns6QXSh7ejng%2BlGkTPTRq46HoCr%2FXXzhmmyfmY2lUSSnV8M2ZgZ4c485nsyJ3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600,private
cf-ray
684c142ee8fb2c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3680812
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1d6f9962105645aa9f030ca5c93803512e1430b65b8d6f412f24de4b8b060acd
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:52 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xyupload.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
tags.js
tags.h12-media.com/v3/ Frame 335C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A121%3A131a%3A%3A2%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22c40mak9n77g%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A11%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1859%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.66950037814192
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
81c0dab8b1b9d140f777d24af244ef925002b353cf3d625177bbaba5f8cc0eef

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0
vary
Accept-Encoding
content-type
application/x-javascript; Charset=UTF-8
access-control-allow-origin
cache-control
no-store,no-cache,max-age=0,private
access-control-allow-credentials
true
srg-x
x-.172
content-length
7687
it-ui-comp-ipp-bnr.css
p336138.mycdn.co/uicomp/styles/dist/95-5/ 		397 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/uicomp/styles/dist/95-5/it-ui-comp-ipp-bnr.css
Requested by
Host: p336138.mycdn.co
URL: https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4c526f1f7d947231ba673d79d48a4220cf71607988099ef0b505f7ed7fb54759

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 13:33:09 GMT
server
NetDNA-cache/2.2
etag
W/"5e2ee695-18d"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Sun, 21 Aug 2022 09:36:58 GMT
findBanner
mybetterdl.com/adServe/banners/ 		27 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=QuickBooks%202021%20Qbdbmgrn%20Not%20Running%2C&tid=336138_739198_2&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp336138.mycdn.co&bs=undefined&referrer=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&ap=cmp%3DIN_PAGE_PUSH%26evp%3DCCsyYUp0os2jSMZ2MPUv4IBVNmK1S2tVIIRtHqIg8YD2dCUnqk4Sy0T3oInxP2Fc%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DSolved%2520For%2520QuickBooks%25202021%2520Qbdbmgrn%2520Not%2520Running%2520%25C2%25AB%2520xyupload.com&pid=336138&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0yJmk9MCZvPS0xMjAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9MTI%3D&olive=1&callback=ITCcg0mxd0nh66
Requested by
Host: p336138.mycdn.co
URL: https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
96f90e98e5747bf3cc97912984d7b0ca8e6d0d73574f07a0289353aeb7c999bd

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
text/javascript;charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
3680812
in-page-push.com/500/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3680812?excludes=&oaid=7018761e79fc4ade8f3e4fdcad6bf592&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3680812
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e6c32a441e09c2986860736788e27fa17b911719e3852c568278a71989ad8b38
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
10c5c3c65fc0af4800cac62bf08300fd
pragma
no-cache
date
Thu, 26 Aug 2021 09:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://xyupload.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
3680812
in-page-push.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3680812?excludes=&oaid=7018761e79fc4ade8f3e4fdcad6bf592&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://xyupload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 26 Aug 2021 09:36:52 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://xyupload.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
prebid3_2.1.js
tags.h12-media.com/v3/ Frame 335C 		489 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v3/prebid3_2.1.js
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A121%3A131a%3A%3A2%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22c40mak9n77g%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A11%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1859%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.66950037814192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
aa891bdea1635a237ec0fd8d65be674c5fcfb1333fa6c7a1df13b6d846d4802c

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:57 GMT
content-encoding
gzip
etag
"29a8959a8490d71:0"
last-modified
Fri, 13 Aug 2021 20:48:43 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
156392
truncated
/ Frame 335C 		488 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://xyupload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://xyupload.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1442
date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 335C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&cw=1
  • https://mug.criteo.com/sid?cpp=cGp0o3xkNUkvc2U4STQ1ZUV2VTR5Wk5UY2VIOVRnZi9EcG5FOUtFbk5aSkpmU3ZhRzRhMy9KUGdXUWVFd1Y5ZzhzNlJVa05zWG03SnZaclV1SlcyeU16V0ZiVyt3K2YwUGt4MWFYVmVQUGlOWHdFZFEzR243S1NOR1piRE...
360 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=cGp0o3xkNUkvc2U4STQ1ZUV2VTR5Wk5UY2VIOVRnZi9EcG5FOUtFbk5aSkpmU3ZhRzRhMy9KUGdXUWVFd1Y5ZzhzNlJVa05zWG03SnZaclV1SlcyeU16V0ZiVyt3K2YwUGt4MWFYVmVQUGlOWHdFZFEzR243S1NOR1piRExWVmcwa2UwZDNvRjhPTExQbFlPZmNWMTFhbEpZUTl5OHdhVVJzd2x0Y2hCTWJuT2Z6Vy9rZ2t6Yys4b1hpQlMwRmZQWlV2RG9xZ1B2SjZuNDBMSVhXd0VqKy9raGpyaGZiYzFXTm56SGtXRWZDZ21WWEZJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2ba6afd97d3dff87b51b6f910afda9c4f04ea4225056c0118278725371258529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 26 Aug 2021 09:36:58 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2418
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Aug 2021 09:36:58 GMT
location
https://mug.criteo.com/sid?cpp=cGp0o3xkNUkvc2U4STQ1ZUV2VTR5Wk5UY2VIOVRnZi9EcG5FOUtFbk5aSkpmU3ZhRzRhMy9KUGdXUWVFd1Y5ZzhzNlJVa05zWG03SnZaclV1SlcyeU16V0ZiVyt3K2YwUGt4MWFYVmVQUGlOWHdFZFEzR243S1NOR1piRExWVmcwa2UwZDNvRjhPTExQbFlPZmNWMTFhbEpZUTl5OHdhVVJzd2x0Y2hCTWJuT2Z6Vy9rZ2t6Yys4b1hpQlMwRmZQWlV2RG9xZ1B2SjZuNDBMSVhXd0VqKy9raGpyaGZiYzFXTm56SGtXRWZDZ21WWEZJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xyupload.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1849
content-length
482
expires
0
ROS
ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ Frame 335C
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2d2a6/1/xyupload.com/ROS?rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2...
  • https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3...
793 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&ccpa=1YNN&pubcid=e278ee45-7a3f-4d8a-807d-98373c689754
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e58694837ce698c650fdaaf4079bcd81bce414f2b0a0f64c98fbbac13130b28a

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://xyupload.com
expires
Thu, 26 Aug 2021 09:36:59 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
793
x-sid
AMS-743

Redirect headers

date
Thu, 26 Aug 2021 09:36:59 GMT
server
openresty
access-control-allow-origin
https://xyupload.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.18112869847422108&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&ccpa=1YNN&pubcid=e278ee45-7a3f-4d8a-807d-98373c689754
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-743
cdb
bidder.criteo.com/ Frame 335C 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.39.0&cb=91635927509
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xyupload.com
date
Thu, 26 Aug 2021 09:36:58 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
ghb.adtelligent.com/v2/auction/ Frame 335C 		1 KB
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
d80144bf89a200a30b70390b864efa2848d0f77ef2de3b2914e22c79781c6b47

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 26 Aug 2021 09:36:58 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
568
/
bidder.h12-media.com/prebid/ Frame 335C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.h12-media.com/prebid/?payload=62vqS8t_outMdOB03OYBP01msE0gQmBmDh2ciBdrLxsq6zlVJTAenICmbIYu9rZGIcljGhXl-U7txNSCJW8DFjvVTmxOm9xGC2CtTXKu1uNZSd4k1PMC3gWzuwaz6xgBmjVjk0MxqBJ8oKYOFFlDdH0Jsc5idu_ELBc9dUaXN73gFIp2GkCLhERVlVxWK2vyawvb0UMMmhWmNaffYDIRGcfEzeXzEPZHMF4hcPounfDum8D3UvW54s9ERdvY_pcOb7GxYjQfiXeNG2vgUQniuWdddecfaAQa9d7tO83w2AvEGQxeJj6ReL9hHnvhWr0o47qEwPkXDVbLaFHYTsLIE3JkQSJzj_4dqVTSpJQwjIKtHsfx0PBvbo9rcq-FLBicnodsny0LxDhP_FNawMpo0X_lCLTYtBg8W9nfugM14deYphcHp5WHMzgIAwxPBycBaRCEruGmjP3z1hjgN00OsiA02
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
dfdbedce05ba35919e0c8de19b675adf02993a534072827e58a9df39ddc74c1c

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Aug 2021 09:36:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
content-type
application/json; Charset=UTF-8
access-control-allow-origin
https://xyupload.com
cache-control
no-store,no-cache,max-age=0,private
access-control-allow-credentials
true
srg-x
x-.167
procadsent
0.2695
content-length
1183
rhpop_80.2-1.js
p336138.mycdn.co/script/ 		174 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/script/rhpop_80.2-1.js
Requested by
Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2b75b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Sun, 21 Aug 2022 09:36:59 GMT
bounce-tag_80.2-1.js
p336138.mycdn.co/banners/bounce/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by
Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-be2b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Sun, 21 Aug 2022 09:36:59 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=cGp0o3xkNUkvc2U4STQ1ZUV2VTR5Wk5UY2VIOVRnZi9EcG5FOUtFbk5aSkpmU3ZhRzRhMy9KUGdXUWVFd1Y5ZzhzNlJVa05zWG03SnZaclV1SlcyeU16V0ZiVyt3K2YwUGt4MWFYVmVQUGlOWHdFZFEzR243S1NOR1piRExWVmcwa2UwZDNvRjhPTExQbFlPZmNWMTFhbEpZUTl5OHdhVVJzd2x0Y2hCTWJuT2Z6Vy9rZ2t6Yys4b1hpQlMwRmZQWlV2RG9xZ1B2SjZuNDBMSVhXd0VqKy9raGpyaGZiYzFXTm56SGtXRWZDZ21WWEZJPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1033
date
Thu, 26 Aug 2021 09:36:59 GMT
content-encoding
gzip
vary
Accept-Encoding
032577902997.png
static.cdnativepush.com/contents/s/e8/b9/a6/1acd43555092c654facfaae8d0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/e8/b9/a6/1acd43555092c654facfaae8d0/032577902997.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b71184482389f8b187e9c9c37a73bef2474008b3db007463163c42cbb2c19f7

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 09:36:59 GMT
Last-Modified
Fri, 17 Jan 2020 13:49:39 GMT
Server
nginx
ETag
"5e21bb73-c6c"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
3180
/
bidder.h12-media.com/iframe/ Frame 048F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET ARR/3.0
Resource Hash
72f1fc430e02489320d816c3c4a297a6d204e931771643061320182014bc5e66

Request headers

:method
GET
:authority
bidder.h12-media.com
:scheme
https
:path
/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xyupload.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
7thMile=593815b7%2Dca8d%2D4a63%2D9534%2Dffcd81aba934
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://xyupload.com/

Response headers

cache-control
no-store,no-cache,max-age=0,private
content-type
text/html; Charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-credentials
true
srg-x
x-.183
x-powered-by
ASP.NET ARR/3.0
date
Thu, 26 Aug 2021 09:36:58 GMT
content-length
3681
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzY4ZjMzYWQwYjhkMTM0NTYxY...
s-img.mgid.com/g/8336162/328x328/-/ Frame 048F
Redirect Chain
  • https://c.mgid.com/c?pv=2&v=0|0|0|Jxx3LXpELBrTWGgdkLhL4HM4zZuzATzMeTlm_5yPWUlQ6sKq1uSGjhryEDNHghqi&cid=1056819&f=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=28f2b537-0651-11ec-b31e-e4434b...
  • https://s-img.mgid.com/g/8336162/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90Lz...
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8336162/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzY4ZjMzYWQwYjhkMTM0NTYxYTYwMDcyNmFmZDU2OTUzLmpwZw.webp?v=1629970619-8pFNcvEi7o-RBglyV9bZr37wLMk5RVA1QAqFpGQLadk
Requested by
Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b5e2603165b50c66b491da3628e545f782cb0df36129286c638d0803dced16

Request headers

Referer
https://bidder.h12-media.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 15:40:40 GMT
x-mg-request-uuid
954cba3e-02d5-4bab-9fd6-b1caa53db529
age
492014
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
684c14347ae34230-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12200
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6c49f8dd-1bfd-47bd-ba89-5d7b59959855
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://s-img.mgid.com/g/8336162/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzY4ZjMzYWQwYjhkMTM0NTYxYTYwMDcyNmFmZDU2OTUzLmpwZw.webp?v=1629970619-8pFNcvEi7o-RBglyV9bZr37wLMk5RVA1QAqFpGQLadk
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
684c14336af24160-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy81NzU5ODgvODFhMjliZjg3MmIwZmUxY...
s-img.mgid.com/g/10111157/492x277/-/ Frame 048F 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10111157/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy81NzU5ODgvODFhMjliZjg3MmIwZmUxYzBkNWY5ODFlNjgxYWRmZWYuanBlZw.webp?v=1629970619-B-pCCEgsipuiYkaBDntGhbYF_WXtjdRgsGbcLw2Nq84
Requested by
Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66bde09391d52a4b5582b9c4b7c01ac421aba54b9d2632af32c89625909f3ae

Request headers

Referer
https://bidder.h12-media.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Jul 2021 09:48:39 GMT
x-mg-request-uuid
8f681d91-f152-4807-a5e1-e21ed0b96d4b
age
1105783
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
684c14336aecd90d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9610
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC9lYjcwMTgwYzM5YjMyYTAyNjEyY...
s-img.mgid.com/g/9329141/492x277/-/ Frame 048F 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/9329141/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC9lYjcwMTgwYzM5YjMyYTAyNjEyYWJjYzQ3MzFiMzNjNC5qcGVn.webp?v=1629970619-s5ERO3nJXTTFr2ryLxLIQKqmybbMu9LS0xoQG8hAmFM
Requested by
Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5405a4d966f7573e0ea28a7e85475d4ec1a2fcfe940a972bfb81910f15c6e9b

Request headers

Referer
https://bidder.h12-media.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
HIT
last-modified
Mon, 24 May 2021 09:16:48 GMT
x-mg-request-uuid
ff2a2f1a-544f-4530-8696-ce0c33f52b75
age
8122403
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
684c14336aefd90d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13624
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTMxLHlfNzQ3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC8yMDk4Y...
s-img.mgid.com/g/9329200/492x277/-/ Frame 048F 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/9329200/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTMxLHlfNzQ3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC8yMDk4YjQzNmQyZDgzZTM2MjQ1OTIyYTY1NzUwZTI5My5qcGVn.webp?v=1629970619-i8aBJD9ZEA9HK0ySS9WHRtoSD5kKtcTxW3WULMFxZL4
Requested by
Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a6457831c463f31357cb7d7608413e4fb7a326472af50fa01fe5378b27c5b1

Request headers

Referer
https://bidder.h12-media.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
HIT
last-modified
Mon, 24 May 2021 09:14:00 GMT
x-mg-request-uuid
4b70e020-cd73-43f2-ba0e-cb171c25c08e
age
616892
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
684c14336af0d90d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34266
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNjhmMzNhZDBiOGQxMzQ1N...
s-img.mgid.com/g/8336162/492x277/-/ Frame 048F 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8336162/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNjhmMzNhZDBiOGQxMzQ1NjFhNjAwNzI2YWZkNTY5NTMuanBn.webp?v=1629970619-C-G-xgaxm9foWW-ge5eJQciGT3AFpC8QP_Kwq5V_pZA
Requested by
Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=4wz9gz5EBdHxsQRxEZdRSpXBY1iNjLsVKceyS9l8XzKR_dh1wDkc3Lnfojz6T23s3BNql4egRSztbDdSeoljXKM1Ume7XxrTFjHsCkjRGMkJSIiHS0W4gryi0yX4IdIi-iFL9pYCIhojUeTcc43w0xIdnzSWzfL2KSZ8t_5gkHurb70EPshsjS9ZoESAQKvY8GHrtNLb-lsVmT90OkO1TvRMRXrs9mMdpIhn4_KEe-HXIdwoXzNhl2MHug2lZYotepvFs2ATBuAP_HMkBChNm4xKaM14LW8_KaYFwXbvLTKphfX7dLTc6iM9-eKUvSq9CkKNpRKvMNfpI2e-DaT47hNYf7yMm0IsdGaZ4019bIY7-F89Y7wHlk1VeE5qARIl7szAzshN1ncGK8tTVzCGIZVeNa_efEDctOXbR2640a06VPSbJdmtAbVHj8wLZnicE8lNYTW5QCS6dil_N_9SwJ8gtVT0ap-Skfs1zaNu35O6gA1w8oZcax12_pHEK6RrhBFwaUzfbxOCJkZRHJ4Y6d1s1Zbax7_60VKN1D2BEi5JjR8p7XW-QDviS98c7o195n3npYGt6nc4zl2Jj9TX_Cr7cusuH6SKJ_uC765xPW1avCXl-NLFhTAlC2QZzRz1uGN7AwZhjrGUblJ7iig8Wc3lei6efUNi5z-xWwDwJ5mE71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49f8b6e710b8582f97c55facb67489eae973be4beeb11d6a1cfc5d75fc1ab33

Request headers

Referer
https://bidder.h12-media.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:36:59 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Mar 2021 02:08:13 GMT
x-mg-request-uuid
de68c6bf-8b33-487b-a724-c88ea363cd59
age
10814427
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
684c14336af2d90d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14594
server
cloudflare
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		0
0
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		304 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by
Host: xyupload.com
URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

:path
/content/themes/slightlyyellow/images/hotarucms.png
pragma
no-cache
origin
https://xyupload.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xyupload.com
referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://xyupload.com
Referer
https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:37:01 GMT
cf-cache-status
HIT
last-modified
Wed, 25 Aug 2021 21:21:26 GMT
server
cloudflare
age
44135
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjHs6go4r4druoHx%2BMGvou56wEFDXsh1IpitKa94l2t4Bpi7qlF3jG%2Fy4g7F7zk9VxSBvtNnJpd3XljshGnyLYycQyXnRfW7ypJDlA7PFR%2B1iVJHfrVWqnSNFQf9iTEdxhPBDTVtmsKzQNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
684c143f6eb16413-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
304
hotarucms.png
xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/ 		179 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/hotarucms.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd

Request headers

Origin
https://xyupload.com
Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:37:01 GMT
server
nginx
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/png;charset=utf8
content-length
179
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tags.h12-media.com/rtb/ Frame 335C 		0
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=62vqS8t_outMdOB03OYBP01msE0gQmBmDh2ciBdrLxsq6zlVJTAenICmbIYu9rZGIcljGhXl-U7txNSCJW8DFjvVTmxOm9xGC2CtTXKu1uNZSd4k1PMC3gWzuwaz6xgBmjVjk0MxqBJ8oKYOFFlDdH0Jsc5idu_ELBc9dUaXN73gFIp2GkCLhERVlVxWK2vyawvb0UMMmhWmNaffYDIRGcfEzeXzEPZHMF4hcPounfDum8D3UvW54s9ERdvY_pcOb7GxYjQfiXeNG2vgUQniuWdddecfaAQa9d7tO83w2AvEGQxeJj6ReL9hHnvhWr0o47qEwPkXDVbLaFHYTsLIE3JkQSJzj_4dqVTSpJQwjIKtHsfx0PBvbo9rcq-FLBicnodsny0LxDhP_FNawMpo0X_lCLTYtBg8W9nfugM14deYphcHp5WHMzgIAwxPBycBaRCEruGmjP3z1hjgN00OsiA02&size=970x250&sizex=970x250&wp=0.008544&bd=h12media&d=1
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A121%3A131a%3A%3A2%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22c40mak9n77g%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A11%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1859%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.66950037814192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.51.131.141 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:37:01 GMT
cache-control
no-store,no-cache,max-age=0,private
srg-x
x-.158
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0
content-length
0
content-type
application/x-javascript; Charset=UTF-8
um
u-ams02.e-planning.net/ Frame 335C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D49dc1a70272a5a9a%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D49dc1a70272a5a9a%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=49dc1a70272a5a9a&uid=108c46d0de3248ce0364fa46
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=49dc1a70272a5a9a&uid=108c46d0de3248ce0364fa46
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:37:04 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Thu, 26 Aug 2021 09:37:04 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=49dc1a70272a5a9a&uid=108c46d0de3248ce0364fa46
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 335C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=93594267-628c-4596-a022-b0105d6c3416
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=93594267-628c-4596-a022-b0105d6c3416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 09:37:04 GMT
Server
VertaMedia 1.0
Etag
0eae3e6ebad90b84
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 26 Aug 2021 09:37:04 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=93594267-628c-4596-a022-b0105d6c3416
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
efgksci8ebpebb62besb3088upip5s14
csync
sync.adtelligent.com/ Frame 335C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=108c46d0de3248ce0364fa46
0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=108c46d0de3248ce0364fa46
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 09:37:04 GMT
Server
VertaMedia 1.0
Etag
0eae3e6ebad90b84
Content-Length
0

Redirect headers

Date
Thu, 26 Aug 2021 09:37:04 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=108c46d0de3248ce0364fa46
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 335C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5952754274345941442
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5952754274345941442
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 09:37:04 GMT
Server
VertaMedia 1.0
Etag
0eae3e6ebad90b84
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 09:37:04 GMT
X-Proxy-Origin
159.48.55.5; 159.48.55.5; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c7f1a584-f9a8-4b8a-a796-6a715702c3aa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5952754274345941442
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tN-0X4eH2nt32hkEI-TFx1XRlf-ddoJDESmBx3CIWaK9aMO3WkVi9jAc-l7-ZQcDQsSomNRWcYaGIY3w0uBEARBuT0qkU18P0THlQ9BvFgszXAkF4jbKGQIEZbdXhwqXKlc0tkn5n5dm68yXK4ONZru2yJzfG0kdFybxNs1a541RT9VDBoPS2YSPyxb1KlO78skJH...
itgiblean.com/impression/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itgiblean.com/impression/tN-0X4eH2nt32hkEI-TFx1XRlf-ddoJDESmBx3CIWaK9aMO3WkVi9jAc-l7-ZQcDQsSomNRWcYaGIY3w0uBEARBuT0qkU18P0THlQ9BvFgszXAkF4jbKGQIEZbdXhwqXKlc0tkn5n5dm68yXK4ONZru2yJzfG0kdFybxNs1a541RT9VDBoPS2YSPyxb1KlO78skJHcolCwvEUOHVA03F9QMfjy_1p6bSJ6xxg0Ior0uKtKM9EEkWkv3rx-McjkkBQ_-NItlFwYuxy_EPhbC4Mv5uNfPJvqd5GzwscYha0nkoI6RdsmQgkGVA5ma50vcY7QxRnpWzQszcxEupLqfL4Tx5TskjDOpX5qqfdRUvgxll4ZryqfnNV692Ja0JSOEI_XZjGuBpYXdoQfEQiMTKPUA4yu-3nwAykdSe0Fi6f9nP66J01AAJTk0C-oEyiVYpotveyTcCtyBfeVz-kNo5PWIJhNKOO4HK08pIPIax46Wg-2qzx9YyPsSVSObXZyqOVqyyRVndIxCu9vu3_emHZlEke6UHjr0h_PjlBqCPRTuPPHTm_OAWGoOQWXpeD0_B07D8hTJMh0nRgkulcEeYBkJTbblQOCEque6_TccVuaUif-828OsiUXwQnhQE_QPdmwsjZEeh7kBfUjwS-a7MDgHKBuUpAok5p9vaimzVbZBXTIz9sAkQN22sJwLFu_rRMR8MNA==?_z=3680812&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id
79aeadc8c3cdce1d8124e7ec2da4413a
pragma
no-cache
date
Thu, 26 Aug 2021 09:37:07 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
032577902997.png
static.cdnativepush.com/contents/s/e8/b9/a6/1acd43555092c654facfaae8d0/ Frame 92AE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/e8/b9/a6/1acd43555092c654facfaae8d0/032577902997.png
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3680812
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b71184482389f8b187e9c9c37a73bef2474008b3db007463163c42cbb2c19f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 09:37:07 GMT
Last-Modified
Fri, 17 Jan 2020 13:49:39 GMT
Server
nginx
ETag
"5e21bb73-c6c"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
3180
3680812
in-page-push.com/500/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3680812?excludes=9625616&oaid=7018761e79fc4ade8f3e4fdcad6bf592&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3680812
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f2ab2b10d4bf99f1de9a604e869f3b60be40022adff929bf94665b8a7e0398b6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
f43e22086c264e135eb82d87f66cad48
pragma
no-cache
date
Thu, 26 Aug 2021 09:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://xyupload.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
3680812
in-page-push.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3680812?excludes=9625616&oaid=7018761e79fc4ade8f3e4fdcad6bf592&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://xyupload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 26 Aug 2021 09:37:01 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://xyupload.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 335C 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:37:09 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Aug 2021 09:37:09 GMT
syncframe
gum.criteo.com/ Frame 851E 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=xyupload.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=xyupload.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xyupload.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://xyupload.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2127
set-cookie
uid=8b28c68e-d227-4ad1-82c9-5d401170796a; expires=Tue, 20 Sep 2022 09:37:09 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 26 Aug 2021 09:37:09 GMT
content-length
4666
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 335C 		84 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer
https://xyupload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:37:10 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Aug 2021 09:37:10 GMT
sid
mug.criteo.com/ Frame 851E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=xyupload.com&sn=ChromeSyncframe&so=0&topUrl=xyupload.com&cw=1
  • https://mug.criteo.com/sid?cpp=GVoLLnxpZllHMnQ1TXdzRXFaNzRTRUsrMXhPM0xra051OFFrQWU4czRhYVJvenk5T1pteDNUaDBMcGc3cnRmUU5FeUhtSlpzOFJ0MElMNzk2Y2NyaGRPSHBXTnR1YXdjVll0WkVrbGJXRTBuVDR0dit1KzRIWXYzSlVpK0...
337 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GVoLLnxpZllHMnQ1TXdzRXFaNzRTRUsrMXhPM0xra051OFFrQWU4czRhYVJvenk5T1pteDNUaDBMcGc3cnRmUU5FeUhtSlpzOFJ0MElMNzk2Y2NyaGRPSHBXTnR1YXdjVll0WkVrbGJXRTBuVDR0dit1KzRIWXYzSlVpK0tKQUxad1VYRGUzUjd6UWlPVnM1VTRvL2RKb1hmaDRIU2NkVUw4ejJwUWJRNGdRTnNKOE82amNSQmJuMGNLMGRCMlRRempNRXZZZnorRzlsQ0NUZUE5blAvTEhydEJYZHI2R3I1UUZyWU9sK3BqaHR2RDc4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
237672608b3d66f9cd170cb1f978c35650c68453a33788d5fa4fb8b2f94c2f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 26 Aug 2021 09:37:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2529
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Aug 2021 09:37:09 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=GVoLLnxpZllHMnQ1TXdzRXFaNzRTRUsrMXhPM0xra051OFFrQWU4czRhYVJvenk5T1pteDNUaDBMcGc3cnRmUU5FeUhtSlpzOFJ0MElMNzk2Y2NyaGRPSHBXTnR1YXdjVll0WkVrbGJXRTBuVDR0dit1KzRIWXYzSlVpK0tKQUxad1VYRGUzUjd6UWlPVnM1VTRvL2RKb1hmaDRIU2NkVUw4ejJwUWJRNGdRTnNKOE82amNSQmJuMGNLMGRCMlRRempNRXZZZnorRzlsQ0NUZUE5blAvTEhydEJYZHI2R3I1UUZyWU9sK3BqaHR2RDc4PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1858
content-length
482
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xyupload.com
URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| 1qulimcqv73 object| zfgformats function| L1ss function| l8T number| w5YYYY function| F1ss object| _$cmp object| _$pt function| F4cc function| setImmediate function| clearImmediate object| _rhat4 string| _p function| O6HH function| W6HH function| g6HH function| D6HH function| D4zz undefined| c5H number| a5H number| B8dddd function| umM6 string| m function| _huwpohs function| _osuev string| k object| _2ht2quuu403 function| _nfirp function| _xhxiaqb function| Piv3280Aa71 function| _bp number| K9HHHH function| Q1WW function| I4d function| I1WW undefined| handleException function| T9II function| _clmf4vli04wl97awtt6t5g undefined| __residual undefined| __abstract undefined| __optimize function| S9tt object| _rhat2 object| _51b2wromn5j function| _exazar function| _jdrmcmvv object| webpushlogs object| __cfQR object| __cfBeacon number| m9zzzz function| j155 function| e4a function| M155 function| K7FF function| _clplc8pn68zdszf74xanfy function| zfgproxyhttp function| $ function| jQuery object| _gaq object| ko boolean| __cfRLUnblockHandlers function| urldecode function| reply_comment function| edit_comment function| vote object| xmlhttp function| myXMLHttpRequest object| ajax object| returnvalue function| handleEnter function| sfHover string| BASE string| BASEURL string| SITEURL string| ADMIN_THEME string| THEME object| _gat object| gaGlobal function| _0x1c6b function| _0x9e72 string| h12_mtoken string| h12_mtoken_load function| r4yy function| r5JJ function| m8OO function| W7tt boolean| r5 function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup string| h12_init number| h12_pending number| h12_refresher number| h12_adcount object| h12_initdata object| h12slave object| h12_initcdims boolean| p_visible string| h12_p_hidden string| h12_p_visibilityChange object| rhpt18865 function| _$

2 Cookies

Domain/Path Name / Value
xyupload.com/ Name: rhid_c
Value: 0
xyupload.com/ Name: PHPSESSID
Value: 5rj6tj8ts6dhepea7qdmbu1ft7

3 Console Messages

Source Level URL
Text
console-api log URL: https://xyupload.com/solved-for-quickbooks-2021-qbdbmgrn-not-running/(Line 43)
Message:
%c undefined
console-api log URL: https://tags.h12-media.com/load2.js(Line 1)
Message:
new: [object HTMLUnknownElement] [object Object] true true 0
console-api log URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A121%3A131a%3A%3A2%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Fsolved-for-quickbooks-2021-qbdbmgrn-not-running%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22c40mak9n77g%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A11%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1859%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.66950037814192(Line 152)
Message:
w: 0.008544 s: 0.00 banner h12media

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.e-planning.net
ajax.googleapis.com
ap.lijit.com
bidder.criteo.com
bidder.h12-media.com
c.mgid.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clksite.com
f.h12-media.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
gum.criteo.com
ib.adnxs.com
in-page-push.com
itgiblean.com
mailwithcash.com
maxcdn.bootstrapcdn.com
mug.criteo.com
my.rtmark.net
mybetterdl.com
native.propellerclick.com
otrwaram.com
p336138.clksite.com
p336138.mycdn.co
rtb.openx.net
s-img.mgid.com
ssl.google-analytics.com
stagepopkek.com
static.cdnativepush.com
static.cloudflareinsights.com
static.criteo.net
sync.adtelligent.com
tags.h12-media.com
u-ams02.e-planning.net
xyupload.com
xyuploadcom.imageshack.host
xyupload.com
104.19.134.78
104.19.136.78
108.168.193.183
109.206.162.83
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.235
139.45.197.239
154.51.131.141
173.192.101.24
178.250.0.157
178.250.2.131
185.33.221.88
216.52.2.30
2606:4700:3031::6815:5998
2606:4700:3036::6815:4b0b
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6812:bcf
2a00:1450:4001:809::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a02:2638:1::3
2a02:2638::1c
2a04:4e42:3::485
2a0c:5c81:5142::2
35.186.253.211
46.249.52.248
62.149.0.72
94.31.29.128
096daaa6e54eacbd0caea86def174eb8b92786a1418513901c65a6e8877220bb
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f
17a6457831c463f31357cb7d7608413e4fb7a326472af50fa01fe5378b27c5b1
191ef96842ca54b0ed605ff77a6aca246738b714617ae3cd6a888585d9d192fe
1d6f9962105645aa9f030ca5c93803512e1430b65b8d6f412f24de4b8b060acd
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
237672608b3d66f9cd170cb1f978c35650c68453a33788d5fa4fb8b2f94c2f8f
2447faaf656f1cf3610063b878a28c4167029cc8082b185272399cf0c366e12e
2ba6afd97d3dff87b51b6f910afda9c4f04ea4225056c0118278725371258529
2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b
2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839
3a414c2da79ba4ddd427fac0a5c5c5677bc4390ac160a9cac41f097585078a36
3a93a80a679bc28da6416099aa8d16eff66be8b91e7e7f00f0e5e732f2b7edd9
3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22
4bbbf3a099825205a2c718ea7594e2039ee888e5677b7c774147ca5bc4007d38
4c526f1f7d947231ba673d79d48a4220cf71607988099ef0b505f7ed7fb54759
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5874114bee209237069bd33429ad56be7297f1052ed106f1c82228ea63fd02e3
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd
712084b6cada1e9bdd79ccd4e7df7ec8001ee5d50fe5d87729ff24a6d439cdd6
72f1fc430e02489320d816c3c4a297a6d204e931771643061320182014bc5e66
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
7d255ac47fb5f5d27f7540f44fd9fc797e1ed819efdcbb0e64db61745c54aacd
81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d
81c0dab8b1b9d140f777d24af244ef925002b353cf3d625177bbaba5f8cc0eef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8896f6d0e5df6485d5dd588b66e262252e3c21aae011bc3ff81fca069c2337f2
8b71184482389f8b187e9c9c37a73bef2474008b3db007463163c42cbb2c19f7
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d
95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd
96f90e98e5747bf3cc97912984d7b0ca8e6d0d73574f07a0289353aeb7c999bd
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16
a49f8b6e710b8582f97c55facb67489eae973be4beeb11d6a1cfc5d75fc1ab33
aa891bdea1635a237ec0fd8d65be674c5fcfb1333fa6c7a1df13b6d846d4802c
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b10b787152b8b545d6c5d11d810a10c19a03a4fde8b96a2bfe010a809032c6e8
b3b5e2603165b50c66b491da3628e545f782cb0df36129286c638d0803dced16
b5f41b9101cd10b5d8f1b83031091e75b4a99b0302df343ec7210166c0e6583b
c5405a4d966f7573e0ea28a7e85475d4ec1a2fcfe940a972bfb81910f15c6e9b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
cdbdd0d14cf9a00eb7193fa4c6d316dfd5c55d8af9034f56ae63fd9a33e4dbeb
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d80144bf89a200a30b70390b864efa2848d0f77ef2de3b2914e22c79781c6b47
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa
dfdbedce05ba35919e0c8de19b675adf02993a534072827e58a9df39ddc74c1c
e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e449283936daf9239f7c939da9e17d0d1f5819b822224b876085d00618f19ca5
e58694837ce698c650fdaaf4079bcd81bce414f2b0a0f64c98fbbac13130b28a
e6c32a441e09c2986860736788e27fa17b911719e3852c568278a71989ad8b38
e96e522d23efaadcece9f0749c36d1c33cf370d711fd5f60af79615165966dd2
eb88b43b6cbbc83daac9dfc061d9c76e8d238444052928e7cd18dbfc2f441b9d
ebb2d6897ad7ea3a03467bb3613069fc78b9a7796ec8b570145e2481c61dc8ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef311b836fc30fc9c7d6a0c75db64eafe1a0e572d315d1a41f6bd21821710acd
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2ab2b10d4bf99f1de9a604e869f3b60be40022adff929bf94665b8a7e0398b6
f42a7e2b5f954cadaec0fc92752290a954b361abbd11b59c1798f4c9b8bd880d
f66bde09391d52a4b5582b9c4b7c01ac421aba54b9d2632af32c89625909f3ae