URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Submission Tags: falconsandbox
Submission: On October 01 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 28 HTTP transactions. The main IP is 195.201.111.49, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is dosya.co.
TLS certificate: Issued by R11 on September 14th 2024. Valid for: 3 months.
This is the only time dosya.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain               Subdomains                                                    Transfer
12 dosya.co               dosya.co                                                      77 KB
3 gstatic.com             fonts.gstatic.com                                             119 KB
2 facebook.net            connect.facebook.net — Cisco Umbrella Rank: 196               84 KB
2 google.com              apis.google.com — Cisco Umbrella Rank: 135                    24 KB
                          region1.analytics.google.com — Cisco Umbrella Rank: 4111
1 facebook.com            www.facebook.com — Cisco Umbrella Rank: 112
1 google.de               www.google.de — Cisco Umbrella Rank: 9833                     63 B
1 doubleclick.net         stats.g.doubleclick.net — Cisco Umbrella Rank: 152            549 B
1 fungidcolder.com        ps.fungidcolder.com — Cisco Umbrella Rank: 158364             1 KB
1 jsdelivr.net            cdn.jsdelivr.net — Cisco Umbrella Rank: 341                   25 KB
1 googletagmanager.com    www.googletagmanager.com — Cisco Umbrella Rank: 57            102 KB
1 cloudflare.com          cdnjs.cloudflare.com — Cisco Umbrella Rank: 257               1 KB
1 bootstrapcdn.com        maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1352           6 KB
1 googleapis.com          fonts.googleapis.com — Cisco Umbrella Rank: 46                934 B
28 13
Domain Requested by
12 dosya.co dosya.co
3 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net dosya.co
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.google.de dosya.co
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 ps.fungidcolder.com dosya.co
1 cdn.jsdelivr.net dosya.co
1 apis.google.com dosya.co
1 www.googletagmanager.com dosya.co
1 cdnjs.cloudflare.com dosya.co
1 maxcdn.bootstrapcdn.com dosya.co
1 fonts.googleapis.com dosya.co
28 14

This site contains no links.

Subject                   Issuer                                    Validity                   Valid
dosya.co                  R11                                       2024-09-14 - 2024-12-13    3 months
upload.video.google.com   WR2                                       2024-09-16 - 2024-12-09    3 months
bootstrapcdn.com          WE1                                       2024-09-20 - 2024-12-19    3 months
cdnjs.cloudflare.com      WE1                                       2024-09-28 - 2024-12-27    3 months
*.google-analytics.com    WR2                                       2024-09-16 - 2024-12-09    3 months
*.apis.google.com         WR2                                       2024-09-16 - 2024-12-09    3 months
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2024 Q3     2024-07-30 - 2025-08-31    a year
ps.fungidcolder.com       R10                                       2024-09-02 - 2024-12-01    3 months
*.facebook.com            DigiCert SHA2 High Assurance Server CA    2024-07-10 - 2024-10-08    3 months
*.gstatic.com             WR2                                       2024-09-16 - 2024-12-09    3 months
*.g.doubleclick.net       WR2                                       2024-08-26 - 2024-11-18    3 months
*.google.de               WR2                                       2024-09-16 - 2024-12-09    3 months

This page contains 2 frames:

Primary Page: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Frame ID: 76112A58EF699E8E9BCA94F767789C78
Requests: 27 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=316567811817812&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df98bdc76dccd5ee83%26domain%3Ddosya.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdosya.co%252Ff57bf49a203116453%26relation%3Dparent.parent&container_width=339&href=https%3A%2F%2Fwww.facebook.com%2FDosyaco&layout=standard&locale=tr_TR&sdk=joey&share=false&show_faces=false&width=200
Frame ID: FC13D3749AC9F2524E9500A1B443E1E8
Requests: 1 HTTP request in this frame

Page Title

İndir RoFIXER exe

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

28 Requests
100 % HTTPS
86 % IPv6
13 Domains
14 Subdomains
14 IPs
4 Countries
441 kB Transfer
1161 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request RoFIXER.exe
dosya.co/5rrlbcpm0vda/
9 KB
4 KB
Document
General
Full URL
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
7d1752ae12562ed8b06fe47e5e31d16e0b4683b7b0b23a6c8385aa35dc263cf4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3533
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Oct 2024 14:38:58 GMT
Expires
Mon, 30 Sep 2024 14:38:58 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Powered-By
PleskLin
css
fonts.googleapis.com/
3 KB
934 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f39537780d8d5d477e79126e72f0107b63ffdb5a3bacabcab32fdce74bac9725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 14:38:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:38:58 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 01 Oct 2024 13:54:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
age
3145451
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 14:38:58 GMT
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:14:51
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a906d257e9e53898802256ca340a559d
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cbd33127eef9c0c-FRA
access-control-allow-origin
*
cdn-edgestorageid
1068
server
cloudflare
cdn-requestcountrycode
US
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/3.0.3/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/3.0.3/normalize.min.css
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03f2b-78e"
age
31950
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLKJFJLx5jvNRYn%2B9Y1Zq%2B8Y1PRNJfNhs65H1ABN%2Bs6RkROBAfJrCnfg9GXJ4LExsrpAgQDDSGsCO9RY55BUZ6D2l4X%2Ba%2BLtap%2FO2lj1C2%2FUSdetXarbYO%2B%2FkfFzr40jItDBXQ5V8kGqSXHF1R58Xdi%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 14:38:58 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 01 Oct 2024 14:38:58 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:13:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cbd33127afedbf3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
697
server
cloudflare
tablo.css
dosya.co/
37 KB
6 KB
Stylesheet
General
Full URL
https://dosya.co/tablo.css
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
4fdccb9053939f1c4ab512c674b1ae9320cba6733d682d5e796b4b75da782bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"9594-584a188db2e37-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
5463
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Thu, 21 Mar 2019 21:36:44 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
text/css
X-Powered-By
PleskLin
main.css
dosya.co/
35 KB
8 KB
Stylesheet
General
Full URL
https://dosya.co/main.css
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
238a61fb513df93cc79db290febe0d76aca2eca14ba184e894fde8549f5f3da1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"8c1e-62097bc0e8a54-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
7778
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Mon, 26 Aug 2024 15:25:27 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
text/css
X-Powered-By
PleskLin
jquery-1.9.1.min.js
dosya.co/
90 KB
32 KB
Script
General
Full URL
https://dosya.co/jquery-1.9.1.min.js
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"169d5-567ddad2b30d7-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
32775
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Tue, 20 Mar 2018 20:11:14 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
application/javascript
X-Powered-By
PleskLin
xupload.js
dosya.co/
15 KB
5 KB
Script
General
Full URL
https://dosya.co/xupload.js?
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
f52bd322c3a2e09338bf72b845c59ac2b1c4ecffe5e0e0513010cd69ff7eec9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"3ba3-567ddad45cd3c-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
4464
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Tue, 20 Mar 2018 20:11:16 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
application/javascript
X-Powered-By
PleskLin
jquery.cookie.js
dosya.co/
3 KB
2 KB
Script
General
Full URL
https://dosya.co/jquery.cookie.js
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"c31-567ddad2b4847-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
1365
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Tue, 20 Mar 2018 20:11:14 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
application/javascript
X-Powered-By
PleskLin
js
www.googletagmanager.com/gtag/
299 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MZEZ63PHNB
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a62b526bb8e3de6b73cd265804b544a56f2d2f19f74f43c1681db946b4b9ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 01 Oct 2024 14:38:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103313
x-xss-protection
0
server
Google Tag Manager
platform.js
apis.google.com/js/
63 KB
24 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d064beadc87162a0a623a7dd6d4539a87202d7373c340f63de6e9f7ff483140b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

content-encoding
gzip
etag
"430abf2319e8f36c"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 14:38:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24116
x-xss-protection
0
server
sffe
logo.png
dosya.co/images/
11 KB
11 KB
Image
General
Full URL
https://dosya.co/images/logo.png
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
7ed72d07bad4e847f9647546ddf0ef0177b4becdcb899ecf4bba18b76031fe7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=31536000
ETag
"2c5a-567df14c89dad"
Connection
Keep-Alive
Expires
Wed, 01 Oct 2025 14:38:58 GMT
Accept-Ranges
bytes
Content-Length
11354
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:38:58 GMT
Last-Modified
Tue, 20 Mar 2018 21:51:47 GMT
X-Powered-By
PleskLin
Server
Apache
Content-Type
image/png
Vary
User-Agent
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dosya.co
Referer
https://dosya.co/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
age
2078764
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 01 Oct 2024 14:38:58 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230092-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25360
x-jsd-version
5.0.2
kmJlQ
ps.fungidcolder.com/rY7XHEwb9xN/
0
1 KB
Script
General
Full URL
https://ps.fungidcolder.com/rY7XHEwb9xN/kmJlQ
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.222 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Tue, 01 Oct 2024 14:38:59 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://dosya.co
Server
nginx
facebook1.png
dosya.co/images/
644 B
1 KB
Image
General
Full URL
https://dosya.co/images/facebook1.png
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
a536f69561b103071bfac0f8b0fbcd512124e1b09c13bb05940eedb6eee70e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=31536000
ETag
"284-567df14ba2e6a"
Connection
Keep-Alive
Expires
Wed, 01 Oct 2025 14:38:59 GMT
Accept-Ranges
bytes
Content-Length
644
Keep-Alive
timeout=5, max=98
Date
Tue, 01 Oct 2024 14:38:59 GMT
Last-Modified
Tue, 20 Mar 2018 21:51:46 GMT
X-Powered-By
PleskLin
Server
Apache
Content-Type
image/png
Vary
User-Agent
twitter1.png
dosya.co/images/
663 B
1 KB
Image
General
Full URL
https://dosya.co/images/twitter1.png
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
b57a0a6a75d3dcc85984750ca9d5025f975330e6bbd8b3092e84c0be77496efa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=31536000
ETag
"297-567df144ce63e"
Connection
Keep-Alive
Expires
Wed, 01 Oct 2025 14:38:59 GMT
Accept-Ranges
bytes
Content-Length
663
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:38:59 GMT
Last-Modified
Tue, 20 Mar 2018 21:51:39 GMT
X-Powered-By
PleskLin
Server
Apache
Content-Type
image/png
Vary
User-Agent
vk.png
dosya.co/images/
2 KB
2 KB
Image
General
Full URL
https://dosya.co/images/vk.png
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
f981914f290d00f0cf8223f88d9875f46b87ec243db466ab4dc49cf31e1ef8c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=31536000
ETag
"6a7-567df148e4462"
Connection
Keep-Alive
Expires
Wed, 01 Oct 2025 14:38:59 GMT
Accept-Ranges
bytes
Content-Length
1703
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:38:59 GMT
Last-Modified
Tue, 20 Mar 2018 21:51:43 GMT
X-Powered-By
PleskLin
Server
Apache
Content-Type
image/png
Vary
User-Agent
scripts.js
dosya.co/
1 KB
974 B
Script
General
Full URL
https://dosya.co/scripts.js
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
5078e3c0bac573204f58dbd1c79b9c0b22512b694fb7ccde42033a21b4d8b3a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
ETag
"407-60ca2f8b55494-gzip"
Connection
Keep-Alive
Expires
Tue, 08 Oct 2024 14:38:59 GMT
Accept-Ranges
bytes
Content-Length
535
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:38:59 GMT
Last-Modified
Sat, 16 Dec 2023 16:25:57 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
application/javascript
X-Powered-By
PleskLin
sdk.js
connect.facebook.net/tr_TR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe5a63f54ed22a142ed5b73e7df9212f6196bf2f9139f792caa6d295af2a9ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

content-md5
h7ZbZboef1YdOJZM3jzlqA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"80b17fd2c4224bd11f62128918c229bc"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 14:49:03 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
b8dfcfe2ad0f7e56bfb830d545694eed
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
erILXzNyhESYIF/f2t++igqKjzYeroiW2HkHhkHiz5jctI0pYJ6qHvjWKHrffK/kisegiGcHcuB52V2ZNrpj7Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1686
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dosya.co
Referer
https://fonts.googleapis.com/

Response headers

age
22333
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:26:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:26:46 GMT
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
47048
x-xss-protection
0
server
sffe
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dosya.co
Referer
https://fonts.googleapis.com/

Response headers

age
22908
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:17:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:17:11 GMT
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45300
x-xss-protection
0
server
sffe
jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dosya.co
Referer
https://fonts.googleapis.com/

Response headers

age
37308
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 04:17:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 04:17:11 GMT
last-modified
Wed, 27 Apr 2022 16:03:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29232
x-xss-protection
0
server
sffe
sdk.js
connect.facebook.net/tr_TR/
289 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=aab1b4ded9328f766b066ec034e557ed
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
881c570a9be3cf3d3df9cef998ad30fcd96acc734583c35bb720b756487bcf58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dosya.co
Referer
https://dosya.co/

Response headers

content-md5
5Qi2Gg6Ih2EnuUGJmUBBwQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"cbd580df06520cb9fcf63e107dfa7448"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 11:57:53 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
3d2256e96abaa82f210e872d1de639bc
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
TOiEOvwpfqxEm9uv0LwlRylcBaJBUhaThzNi3EHcOOvWhiQBescCMXw2KMpHU/8j51lq7o6fXrDRq9uOIQbw8g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
84122
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZEZ63PHNB&gtm=45je49u0v878881116za200&_p=1727793539057&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&cid=1995458728.1727793539&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727793539&sct=1&seg=0&dl=https%3A%2F%2Fdosya.co%2F5rrlbcpm0vda%2FRoFIXER.exe&dt=%C4%B0ndir%20RoFIXER%20exe&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=459
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZEZ63PHNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dosya.co
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
549 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MZEZ63PHNB&cid=1995458728.1727793539&gtm=45je49u0v878881116za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101686685~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZEZ63PHNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dosya.co
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:38:59 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MZEZ63PHNB&cid=1995458728.1727793539&gtm=45je49u0v878881116za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101686685~101747727&tag_exp=101671035~101686685~101747727&z=404890338
Requested by
Host: dosya.co
URL: https://dosya.co/5rrlbcpm0vda/RoFIXER.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 01 Oct 2024 14:38:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
like.php
www.facebook.com/v2.3/plugins/ Frame FC13
0
0
Document
General
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=316567811817812&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df98bdc76dccd5ee83%26domain%3Ddosya.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdosya.co%252Ff57bf49a203116453%26relation%3Dparent.parent&container_width=339&href=https%3A%2F%2Fwww.facebook.com%2FDosyaco&layout=standard&locale=tr_TR&sdk=joey&share=false&show_faces=false&width=200
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js?hash=aab1b4ded9328f766b066ec034e557ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dosya.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
date
Tue, 01 Oct 2024 14:38:59 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420816745955635171"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420816745955635171"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2754, tp=-1, tpl=-1, uplat=28, ullat=0
x-fb-debug
O8OSrDZO0N5vy08qQ3B87+JSTX0eLzzIglA3FccdEhtgz14CwLC2snasfW4GiRs/zNKjd1l0zcwnRyk9YxCD3w==
x-xss-protection
0
favicon.ico
dosya.co/
3 KB
4 KB
Other
General
Full URL
https://dosya.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.111.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.111.201.195.clients.your-server.de
Software
Apache / PleskLin
Resource Hash
615cc3281f3681c4a84d4206a63f520953a586749894d25c15cdfdc642373d2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dosya.co/5rrlbcpm0vda/RoFIXER.exe

Response headers

Cache-Control
max-age=172800
ETag
"da8-567ddad23707f"
Connection
Keep-Alive
Expires
Thu, 03 Oct 2024 14:38:59 GMT
Accept-Ranges
bytes
Content-Length
3496
Keep-Alive
timeout=5, max=98
Date
Tue, 01 Oct 2024 14:38:59 GMT
Last-Modified
Tue, 20 Mar 2018 20:11:13 GMT
X-Powered-By
PleskLin
Server
Apache
Content-Type
image/vnd.microsoft.icon
Vary
User-Agent

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
number| show_fname_chars
string| upload_type
function| $$
function| openStatusWindow
function| StartUpload
function| StartUploadBox
function| checkExt
function| checkSize
function| getFileSize
function| fixLength
function| MultiSelector
function| getFormAction
function| setFormAction
function| InitUploadSelector
function| findPos
function| changeUploadType
function| jah
function| submitCommentsForm
function| scaleImg
function| OpenWin
function| player_start
function| copy
function| convertSize
function| gtag
object| dataLayer
function| fbAsyncInit
function| checkForm
string| tab_cookie
function| share_facebook
function| share_twitter
function| share_gplus
function| share_vk
object| FB
object| gapi
object| ___jsl
function| scrollDown
function| queryParameters
object| jQuery191037424711744655337
object| __buffer
object| google_tag_manager
object| google_tag_data
object| googletag
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
.dosya.co/ Name: _ga
Value: GA1.1.1995458728.1727793539
.dosya.co/ Name: _ga_MZEZ63PHNB
Value: GS1.1.1727793539.1.0.1727793539.60.0.0
ps.fungidcolder.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAiAaOml8dZ3IMvuSNcuO82wpfr2riZ6dX7y5ZwoilblHcRLtoXkIp%2FgQel9pRCHVtb75656rIa66xp1qJq2kW3TwdbMvZeDRZ%2FCZp4k%2B94vKexGdMhG9Yo05nAfqL%2Fm5OjqUhADS6dzEFMgbA7rgek6I5cJpE5OCNnrkSmomOQHMSR1cwjeuODjClY0l0lxA%2BLNuMtnscuiosgiuD1b6d%2BJp97oEMXIUiPEL7BR0uNI%2FAVrjfPJ0xmArO7%2F%2Bd9PYX%2FWINO4GBUi%2BSPyN0XnTgI%3D
ps.fungidcolder.com/ Name: GL_GI10
Value: eJwNy9EKgjAUBuDtQEZUFz%2F5AHuCgaL4AGV540MMWzHCs3GmQW%2Bftx98SikqT6CQcG5aWzWVrdradi30G3TrQRNj%2F%2FAyO%2F5BC2jYTBi7wefsoSfgLo4%2Fr1UW42YzusDQAcexbjrTrxKTB3HG4RolRXHLllKhQUssCJSfpYL%2BFpc%2FG1QflA%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
