s6.dosya.tc Open in urlscan Pro
157.90.180.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Submission: On May 04 via manual (May 4th 2021, 8:04:58 pm UTC) from US

Summary HTTP 41 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 10 domains to perform 41 HTTP transactions. The main IP is 157.90.180.51, located in Germany and belongs to HETZNER-AS, DE. The main domain is s6.dosya.tc.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 25th 2020. Valid for: 2 years.

This is the only time s6.dosya.tc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	157.90.180.51 157.90.180.51	24940 (HETZNER-AS) (HETZNER-AS)
10	139.45.196.210 139.45.196.210	9002 (RETN-AS) (RETN-AS)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4010:c0b::65	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
41	14

11 157.90.180.51 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.51.180.90.157.clients.your-server.de

s6.dosya.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.210 (United Kingdom)

ASN9002 (RETN-AS, GB)

pushlommy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4010:c0b::65 (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dosya.tc s6.dosya.tc	160 KB
10	pushlommy.com pushlommy.com	66 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	154 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	rtmark.net my.rtmark.net	541 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	259 B
41	10

	Domain	Requested by
11	s6.dosya.tc	s6.dosya.tc
10	pushlommy.com	s6.dosya.tc pushlommy.com
7	pagead2.googlesyndication.com	s6.dosya.tc pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	s6.dosya.tc www.google-analytics.com
1	my.rtmark.net	s6.dosya.tc
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
41	12

This site contains links to these domains. Also see Links.

Domain
www.dosya.tc
www.facebook.com
twitter.com
www.google.com

Subject Issuer	Validity	Valid
*.dosya.tc Sectigo RSA Domain Validation Secure Server CA	`2020-05-25` - `2022-05-25`	2 years	crt.sh
pushlommy.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Frame ID: 9A2F07A24432B9A8E62B114A90B4D833
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 291A2953887141842F8547AC05CC6169
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1620158677&psa=0&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676912&bpp=34&bdt=863&idt=672&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6112369112280&frm=20&pv=2&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CkyAmaUFHf&p=https%3A//s6.dosya.tc&dtd=710
Frame ID: B10BC586512DF4A66355D8153D0B33ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1620158677&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676946&bpp=25&bdt=897&idt=715&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6112369112280&frm=20&pv=1&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=764
Frame ID: 063B6B353980CFDF926A890B2A21FA12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0B6BFC4B2B58C6691C8BA12CFD9AAE25
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 22EBEAC72D0D8BA02725BF0A69F0BA3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

41
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

12
Subdomains

14
IPs

5
Countries

433 kB
Transfer

1006 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dosya.tc/

Search URL Search Domain Scan URL

URL: https://www.dosya.tc/uye.php

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Dosya.tc

Search URL Search Domain Scan URL

URL: https://twitter.com/Dosyatc

Search URL Search Domain Scan URL

URL: https://www.google.com/+DosyaTcsitesi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request corsair.rar.html Show response
s6.dosya.tc/server/7g5ue3/ 5 KB
5 KB 227ms
88ms Document
text/html 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 1b5ecbfe7f4267bc2260e103f5e69789d3c92bdaa5c589619d41918943f51094

Request headers

Host: s6.dosya.tc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-9

GET
H/1.1 200
OK style.css
s6.dosya.tc/style/ 14 KB
2 KB 101ms
66ms Stylesheet
text/css 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s6.dosya.tc/style/style.css
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 2b8c3599f9d693fc1422d4ad7c8fe6b9fbb2ade6b19a89c55e0d94f02252410a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 15:06:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 2005

GET
H/1.1 200
OK bootstrap.css
s6.dosya.tc/style/ 138 KB
21 KB 179ms
75ms Stylesheet
text/css 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s6.dosya.tc/style/bootstrap.css
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 15:06:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 20804

GET
H/1.1 200
OK logo.png
s6.dosya.tc/images/ 7 KB
7 KB 98ms
70ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/logo.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 77eba513db8685e5a4b7633684b1d6b175bf8272ccfff3c6a1c0735d37d1d57a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 7157

GET
H/1.1 200
OK uye-girisi.png
s6.dosya.tc/images/ 3 KB
3 KB 121ms
95ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/uye-girisi.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 6bfa03e8b7d8249e9927cafe801657559f7b7064248bb970b55fb4b689611f2d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:41 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 2979

GET
H/1.1 200
OK ntfc.php Show response
pushlommy.com/ 14 KB
6 KB 627ms
59ms Script
application/javascript 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/ntfc.php?p=2138769
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:04:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-380b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK download-img.png
s6.dosya.tc/images/ 7 KB
7 KB 90ms
82ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/download-img.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: e7cfbf6b7de5e77de00e7376302839e106d3f0ab89637d2af07eb74b86ef4d4f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=147
Content-Length: 6819

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 33ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 20:04:36 GMT

GET
H/1.1 200
OK footer-icon1.png
s6.dosya.tc/images/ 582 B
824 B 84ms
82ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/footer-icon1.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 101d88dc759a5588d5c064fe233b6b19c565966a527a03eb9cdc29c733b8d4c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:37 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 582

GET
H/1.1 200
OK footer-icon2.png
s6.dosya.tc/images/ 850 B
1 KB 84ms
82ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/footer-icon2.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: eea1befd43d3dc930a0eb0335c56ed8bc7e14aa1ee3e6c546cd21c1826362750

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:37 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 850

GET
H/1.1 200
OK footer-icon3.png
s6.dosya.tc/images/ 2 KB
2 KB 155ms
67ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/footer-icon3.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: c84a015988434d7fa0c884f5590de727799abacb9c4a4ad6b4cadea4b97ea732

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Connection: keep-alive
Referer: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:38 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 1702

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 82ms
80ms Script
text/javascript 2a00:1450:4010:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0b::65 Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6807
date: Tue, 04 May 2021 18:11:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 20:11:09 GMT

GET
H/1.1 200
OK background.webp
s6.dosya.tc/images/ 110 KB
110 KB 163ms
75ms Image
image/webp 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/background.webp
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 0804b26a6993fc6ee8e977f77aa9ce5ddf9c4fe69773b296cc292ee7b2a5ac1b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/style/style.css
Connection: keep-alive
Referer: https://s6.dosya.tc/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:35 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 112776

GET
H/1.1 200
OK menu-ayrac.png
s6.dosya.tc/images/ 125 B
367 B 77ms
75ms Image
image/png 157.90.180.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.dosya.tc/images/menu-ayrac.png
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.51.180.90.157.clients.your-server.de
Software: Apache /
Resource Hash: 9700fc9abb23b0fa04c070487f5aebdcec2cbb22f10788ab7898032abe3fcced

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s6.dosya.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s6.dosya.tc/style/style.css
Connection: keep-alive
Referer: https://s6.dosya.tc/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:04:36 GMT
Last-Modified: Thu, 25 Mar 2021 15:06:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=146
Content-Length: 125

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 20:04:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 291A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s6.dosya.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s6.dosya.tc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 02:53:05 GMT
expires: Tue, 18 May 2021 02:53:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 61891
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 35ms
19ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=853260396&t=pageview&_s=1&dl=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&ul=en-us&de=windows-1254&dt=corsair.rar%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1202776476&gjid=222115825&cid=808322817.1620158678&tid=UA-60205436-1&_gid=923760318.1620158678&_r=1&_slc=1&z=1750999859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s6.dosya.tc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone Show response
pushlommy.com/ 758 B
1 KB 81ms
74ms Fetch
application/json 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlommy.com/zone?pub=0&zone_id=2138769&is_mobile=false&domain=s6.dosya.tc&var=&ymid=&var_3=

Requested by

Host: pushlommy.com
URL: https://pushlommy.com/ntfc.php?p=2138769

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

93b432f76792532f209a82013d33f1392488f3a2a7f1a7d12e1ba54fc4dd862c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 0a3aa5e32e016ad1dbb333a8a62f017e
Date: Tue, 04 May 2021 20:04:35 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 758

GET
H/1.1 200
OK universal.min.js Show response
pushlommy.com/pfe/current/ 107 KB
38 KB 231ms
89ms Fetch
application/javascript 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: pushlommy.com
URL: https://pushlommy.com/ntfc.php?p=2138769
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:04:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://s6.dosya.tc
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
259 B 103ms
101ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s6.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f8a74592545918369f729f255d8a2311079a4ec18f82204c431074fd37c4c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s6.dosya.tc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s6.dosya.tc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B10B 405 B
230 B 345ms
344ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1620158677&psa=0&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676912&bpp=34&bdt=863&idt=672&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6112369112280&frm=20&pv=2&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CkyAmaUFHf&p=https%3A//s6.dosya.tc&dtd=710

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b18d5dcfd098338eecd5e6fcb5232d5a9ebc54f984b75260efdf6e884565e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1620158677&psa=0&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676912&bpp=34&bdt=863&idt=672&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6112369112280&frm=20&pv=2&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CkyAmaUFHf&p=https%3A//s6.dosya.tc&dtd=710
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s6.dosya.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s6.dosya.tc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 20:04:37 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 20:19:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 20:04:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 20:04:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-60205436-1&cid=808322817.1620158678&jid=1202776476&gjid=222115825&_gid=923760318.1620158678&_u=IEBAAEAAAAAAAC~&z=1274287106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 20:04:37 GMT
content-type: text/plain
access-control-allow-origin: https://s6.dosya.tc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 063B 1 KB
444 B 76ms
70ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1620158677&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676946&bpp=25&bdt=897&idt=715&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6112369112280&frm=20&pv=1&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=764

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c95ba57b64a22b62f7cb47004f1f583f0de1bac0d68bce080e6fee22a1c893c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1620158677&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs6.dosya.tc%2Fserver%2F7g5ue3%2Fcorsair.rar.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620158676946&bpp=25&bdt=897&idt=715&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6112369112280&frm=20&pv=1&ga_vid=808322817.1620158678&ga_sid=1620158678&ga_hid=853260396&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21065725%2C31060840&oid=3&pvsid=1957342462491052&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=764
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s6.dosya.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s6.dosya.tc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 20:04:37 GMT
server: cafe
content-length: 419
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 20:19:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 20:04:37 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 47ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1200&su=s6.dosya.tc&d=5000

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:04:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
pushlommy.com/ Frame 0
0 60ms
60ms Preflight
text/plain 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://s6.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 04 May 2021 20:04:35 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
pushlommy.com/ 39 B
486 B 65ms
60ms Fetch
application/json 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlommy.com/custom

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f008f42a3ac13b63ff2583d70452a5e1
Date: Tue, 04 May 2021 20:04:35 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 199ms
62ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=e4f4315159ef45abbc33c23f52c8ed94&zoneId=2138769&checkDuplicate=true&ymid=&var=

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b0c581ba57f6e15e1726dc7917b4bd8889e6e137813cc99ad0cb75df6ce017f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:38 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://s6.dosya.tc
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 23ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39d592fb68a6acdbfba8246594e1a26ae7a0fe380ed9967535b9ea11beaea649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7663
x-xss-protection: 0

POST
H/1.1 200
OK custom Show response
pushlommy.com/ 39 B
486 B 70ms
59ms Fetch
application/json 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlommy.com/custom

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f6e23b473514dea379801e1e8a5e9fb6
Date: Tue, 04 May 2021 20:04:35 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
pushlommy.com/ Frame 0
0 92ms
58ms Preflight
text/plain 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://s6.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 04 May 2021 20:04:35 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 20:04:38 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0B6B 12 KB
5 KB 13ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s6.dosya.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s6.dosya.tc/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 20:04:02 GMT
expires: Wed, 04 May 2022 20:04:02 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 36
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B6B 14 KB
6 KB 65ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 8504
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:42:54 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
pushlommy.com/pfe/current/ 56 KB
19 KB 72ms
64ms Fetch
application/javascript 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/pfe/current/defaultSkin.min.js
Requested by: Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:04:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-df63"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://s6.dosya.tc
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 22EB 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK custom Show response
pushlommy.com/ 39 B
486 B 65ms
61ms Fetch
application/json 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlommy.com/custom

Requested by

Host: s6.dosya.tc
URL: https://s6.dosya.tc/server/7g5ue3/corsair.rar.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 092c4687e7645e4eeabd82c4a1811e09
Date: Tue, 04 May 2021 20:04:36 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
pushlommy.com/ Frame 0
0 56ms
55ms Preflight
text/plain 139.45.196.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlommy.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://s6.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 04 May 2021 20:04:36 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://s6.dosya.tc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 49ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=1957342462491052&bg=!QEOlQwfNAAYXzPaOF8w7ACkAdvg8WpNSgJdz_iTWEYLg3KinhlJVNJ6_A1F6MOuuMBDbt7dLZjrlHAIAAAGiUgAAABFoAQcKADg2VZ_AmQrdrv5qhZwADMO_mqdRDsQwKyW7JZBEPsjOy33xpbFi6J1-bGm0vWaAFiiEXVtYWtj2VZkCN9mM8j-i7pc90It4WujzVaVgYeoWA1MGyaY-qiVgSg3g-NJwT3bs1GSXAr9K3S45v4rUGh6AwYkapWTks_IGN0Wu-Yf0z2LwS83rQRtL_CpuO_halCps85DPPhe0dTLhIKtEfARkXxA57MDZPQi7bYtZwN-YiNa0Q3elrotGoPfqNRpg30QiXU1A7sIVPMxgdDsjbyFhTmPsn-Q2ZZ67OtIdc_ku35WcKee9TcoLu_eX7TCLL3uMxmk_ZswX_uR-YJR8KJrd0yDrWvW0ZOyTAQ4Wqe1xWToaoduRnNYKrtpLQrSPOACSRog_sJeVCaNdzVSiq4L0MqHvnlHM72QEC4-gc4zIEh3Ln_LXylxLJz9af7pyN3xD3NUWBJ2peJ3TEsFTBPo2pckMcy5NbKmcn-l--njR0arcjs4vQ-BWoTvU7ozvjbT1L-wxFy_54yuXQ33SkajkWUei0Hy4_180H4yLJ91CItITvjiIWC25lp4peSZktcLnQCagwCMUBVfSqlyCdC-haTHDdsElWX2OFFE4sqQHNLwPAfsNwuo7g7Yj-Y2YtPy5Q6HP98OZkK4l4UuQQtIyuGbmZNra8ZUrKPlzwlEdGJd-cJuxIyYw8gHD6ATaOdwleiDc8ua3TfMnbIHL0B6H6mwPc-HfoSV1RbUS6Qy23RZ79e5fTmhdqSiayEcN13Bud87TBIMKrEwVQJed0M4TE4W455rjByq2NzIaOQZM88gRUmzP2MTRKTAFWsRJOBWqhg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:04:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 41ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=1200&su=s6.dosya.tc&d=5000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s6.dosya.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:04:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:24:14	Name: IDE Value: AHWqTUk3hYjrT4k8PVf0R1MudBqCiX4koZBA50dmuiy1xnGvn9Ttxyx-hYvXu97VDQs
.dosya.tc/	1970-01-19 18:02:38	Name: _gat Value: 1
.dosya.tc/	1970-01-19 18:04:05	Name: _gid Value: GA1.2.923760318.1620158678
.dosya.tc/	1970-01-20 03:24:14	Name: __gads Value: ID=d7ca694ff8b3f2a5-221adbe606c80093:T=1620158677:RT=1620158677:S=ALNI_MYr1hUVFMzajHe2n0oYJwjLZ7vHyw
.dosya.tc/	1970-01-20 11:33:50	Name: _ga Value: GA1.2.808322817.1620158678

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'setItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
pushlommy.com
s6.dosya.tc
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
139.45.195.8
139.45.196.210
157.90.180.51
172.217.23.98
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:400c:c04::9b
2a00:1450:4010:c0b::65
031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259
0804b26a6993fc6ee8e977f77aa9ce5ddf9c4fe69773b296cc292ee7b2a5ac1b
101d88dc759a5588d5c064fe233b6b19c565966a527a03eb9cdc29c733b8d4c3
1b5ecbfe7f4267bc2260e103f5e69789d3c92bdaa5c589619d41918943f51094
2b18d5dcfd098338eecd5e6fcb5232d5a9ebc54f984b75260efdf6e884565e88
2b8c3599f9d693fc1422d4ad7c8fe6b9fbb2ade6b19a89c55e0d94f02252410a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
39d592fb68a6acdbfba8246594e1a26ae7a0fe380ed9967535b9ea11beaea649
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5b0c581ba57f6e15e1726dc7917b4bd8889e6e137813cc99ad0cb75df6ce017f
62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfa03e8b7d8249e9927cafe801657559f7b7064248bb970b55fb4b689611f2d
77eba513db8685e5a4b7633684b1d6b175bf8272ccfff3c6a1c0735d37d1d57a
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
93b432f76792532f209a82013d33f1392488f3a2a7f1a7d12e1ba54fc4dd862c
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
9700fc9abb23b0fa04c070487f5aebdcec2cbb22f10788ab7898032abe3fcced
9c95ba57b64a22b62f7cb47004f1f583f0de1bac0d68bce080e6fee22a1c893c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84a015988434d7fa0c884f5590de727799abacb9c4a4ad6b4cadea4b97ea732
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cfbf6b7de5e77de00e7376302839e106d3f0ab89637d2af07eb74b86ef4d4f
eea1befd43d3dc930a0eb0335c56ed8bc7e14aa1ee3e6c546cd21c1826362750
f8a74592545918369f729f255d8a2311079a4ec18f82204c431074fd37c4c808
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

s6.dosya.tc Open in urlscan Pro 157.90.180.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

69 %IPv6

10 Domains

12 Subdomains

14 IPs

5 Countries

433 kBTransfer

1006 kBSize

5 Cookies

5 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s6.dosya.tc Open in urlscan Pro
157.90.180.51 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

12
Subdomains

14
IPs

5
Countries

433 kB
Transfer

1006 kB
Size

5
Cookies

41 HTTP transactions
1 data transactions