URL: https://www.dosya1.com/yDguCK
Submission Tags: falconsandbox
Submission: On December 14 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 13 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3031::ac43:85df, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dosya1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.
This is the only time www.dosya1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 7 2a02:6b8::1:119 208722 (YNDX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.190.71.96 15169 (GOOGLE)
29 12
Domain Requested by
7 www.dosya1.com www.dosya1.com
5 mc.yandex.com 2 redirects www.dosya1.com
4 bvmcdn.net www.dosya1.com
bvmcdn.net
3 fonts.gstatic.com fonts.googleapis.com
2 maxcdn.bootstrapcdn.com bvmcdn.net
maxcdn.bootstrapcdn.com
2 asacdn.com www.dosya1.com
2 punosy.xyz punosy.best
punosy.xyz
2 mc.yandex.ru 1 redirects www.dosya1.com
1 onclickgenius.com www.dosya1.com
1 ufpcdn.com www.dosya1.com
1 fonts.googleapis.com bvmcdn.net
1 bvmcdn.com bvmcdn.net
1 punosy.best www.dosya1.com
29 13

This site contains links to these domains.

Domain
bvmtogo.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-29 - 2022-06-28 | a year
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
upload.video.google.com | GTS CA 1C3 | 2021-11-08 - 2022-01-31 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-08 - 2022-01-31 | 3 months
onclickgenius.com | Sectigo RSA Domain Validation Secure Server CA | 2021-01-22 - 2022-01-22 | a year

This page contains 2 frames:

Primary Page: https://www.dosya1.com/yDguCK
Frame ID: B624C261D3AFE8077FB9E7F965BCB794
Requests: 28 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 35B6BD4EB3B981DF72F8127C13A017EA
Requests: 1 HTTP requests in this frame

Page Title

FS17.Crack.Only-RELOADED.rar

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 92 %
Domains: 13
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 266 kB
Size: 509 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9487.4cXlFNG9Dk4U4Ks4jBl7QxXztHBZ8c4KcexOmZ6omnfO9hecU2PM3KK9NJCTyGTp.kS2EZig7UtMmpRLLB84mFrTf2Uc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9487.pCKagl8ALgsb5VAvt6knCiQOD8ZcE1z6M5f1lNiWiVjVhRXBu70M9rWnK2buvAut35kIpOpjr5QZNLyyd0Vfuw%2C%2C.oZ3imG-JpQD3PXp71N9jwNQqVWY%2C
Request Chain 25
  • https://mc.yandex.com/watch/25655309?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A241997964191%3Ahid%3A339728632%3Az%3A0%3Ai%3A20211214092536%3Aet%3A1639473936%3Ac%3A1%3Arn%3A83031476%3Arqn%3A1%3Au%3A1639473936853797316%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639473936150%3Ads%3A10%2C22%2C79%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A10%2C22%2C79%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639473937%3At%3AFS17.Crack.Only-RELOADED.rar&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/25655309/1?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A241997964191%3Ahid%3A339728632%3Az%3A0%3Ai%3A20211214092536%3Aet%3A1639473936%3Ac%3A1%3Arn%3A83031476%3Arqn%3A1%3Au%3A1639473936853797316%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639473936150%3Ads%3A10%2C22%2C79%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A10%2C22%2C79%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639473937%3At%3AFS17.Crack.Only-RELOADED.rar&t=gdpr%2814%29aw%281%29ti%282%29

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request yDguCK
www.dosya1.com/
13 KB
5 KB
Document
General
Full URL
https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2e64829ee2e3012c800a0654714a2e7a7f5eff855a6d9d60e11682a57a291f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-cache
HIT from Backend
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOuLgRHdbV1B9dPho%2BwdAVUKoSFEWWyVbuDY8cHIMXgGdQboFj5FHbEXXsUnM8VNHGrjeAPwmt9FLXcGRtMr%2FH%2FF9wPqxRnY0DeVKET3Uzq85FIKLSC6ZzTkGwD5I%2Fux5ezRiBbuhICXluPDgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bd662c52b214e37-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bitdrop.css
www.dosya1.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.dosya1.com/css/bitdrop.css
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00934a731f50dbf7d592b6cfe87c7c635118f9c8bcd71d93a0d6a3cf1f11ff72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/yDguCK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5553924
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:34:59 GMT
server
cloudflare
etag
W/"56452223-139d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knMR33WXLgIgPmRh8fhrH0uqwPrIsuva8KGbn72D0%2Fu7vijq0XNjKrhejB9VgE7DOoiGmyuiVOJykhc5esN1U0Y9iiNAK2vW2VXjGzR3UtNK0lv%2FzNsKZUxe8%2ByLu3zHFq1XATUy50Hl0tmmpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6bd662c5cc4a4e37-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui.css
www.dosya1.com/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.dosya1.com/css/ui.css
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f4e745e8d8a85e4dbc92845a93a55f296c21b8e0e03cc7b9e3eddeb9656e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/yDguCK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20286678
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:34:59 GMT
server
cloudflare
etag
W/"56452223-2ee9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZU6ELYVxWgfPsxdLh3B6h9usyqsLetOlfxK1RLLnHQMv4bW380bCboazy0Gb3jcepc1w1SB6FGVKIMwdgpJ1DO%2BWzSPt3ki5NCfpUouZE3c8VbfD3Xll8L9gwMPnUPT30HaDyPVCotoxlvmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6bd662c5cc4c4e37-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
numericalize.js
www.dosya1.com/js/
3 KB
1 KB
Script
General
Full URL
https://www.dosya1.com/js/numericalize.js
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af07df46611d667e616ee16e72c77d015b7d7de0fd13428333de39813694600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/yDguCK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20289852
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:35:00 GMT
server
cloudflare
etag
W/"56452224-cc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p14lG%2BgXHy7JyHK3T8qSi4zkth76CgKoPizMi%2BGT5XXuMR8btJ9qNk3EurqgkG%2BQBb7Ghz7Limuxo7ASN%2FN4WhS1S6OJP7z78X33UAqdH4hiOahkBaHr2IojQPFV8WKh%2BSbyb%2BlkkbMl0ERRMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6bd662c5cc4d4e37-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.10.1.min.js
www.dosya1.com/js/
91 KB
33 KB
Script
General
Full URL
https://www.dosya1.com/js/jquery-1.10.1.min.js
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/yDguCK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4034355
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:35:00 GMT
server
cloudflare
etag
W/"56452224-16b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9wJLUjraHCRVAUOzut%2F8FWZbsDHYZbZ2D5BUUofC%2FI2khDDW7B1U%2B9ChkpPklRFz%2BbVsiUP9OmI%2FW%2FSREgEqzR3Cc2HzQ7ZmyhPFPT%2BqdctTvCV5glHKnmi6g%2F6YXy1FtW3P6JSO%2FGjYoAyog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6bd662c5cc4e4e37-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-etc.png
www.dosya1.com/images/
693 B
1 KB
Image
General
Full URL
https://www.dosya1.com/images/icon-etc.png
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fc212e9bd4e26a7fe905cad45f3a9c74513c5e5b891997b28476cfa85454f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/yDguCK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3996027
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:34:59 GMT
server
cloudflare
etag
W/"56452223-2b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcumHB8QX7Xu6NROIXn8KQnAOMGmqqFp7FE2M1SaHqSzXFvKvP7NY5eiSYWRR4GcrvNIKnSFNqKivw7uU8JXj1aeM8z2bWv8u3rq9UfakW7PUjWbQaQp7TVS%2FwMJryLeshET3a93akFF%2BsBFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
cf-ray
6bd662c5fd316987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
opdis.js
bvmcdn.net/
8 KB
3 KB
Script
General
Full URL
https://bvmcdn.net/opdis.js?v=1.0040
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94a19b66bab4624ccf18098a8727895bb5c448f92e9a4601270632611f2b9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Dec 2021 12:16:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61adff27-1ea6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWck5mRdDEqdP%2BBR0nT%2BeuPIVWtLyOCJrQxPetChzUXpKp6Wh7u3wLuO8JA5wyQjW9ZfxGhWByf1kViJKVLdBYIxt4azXGSZwsvwF52ejFfsy19by29ttCC70x7lTgdPKzEIHg98BT%2Fn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
6bd662c62dc40625-FRA
expires
Fri, 17 Dec 2021 15:11:47 GMT
main.min.js
punosy.best/cdn/v3/
14 KB
5 KB
Script
General
Full URL
https://punosy.best/cdn/v3/main.min.js?v=3.1
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81f49e18edcddba64f0d91472f5cd7873b59002f09db15b5f88fcdeb55a5661c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Dec 2021 15:16:24 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61ae2948-392f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUAlRtTonkbBzpEVCVZSqXMTLQ9p1PgnABubO5v9c7lTP1imJohCo3xmd4LXcy4QU86FgFfdILT%2FSqExYs1kMTTghDQ%2FUqGpzypPJDv6vFbBRQouKtDcGrYIhTUs1PdMP5OkECIBnOHdAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
6bd662c639912ba1-FRA
watch.js
mc.yandex.ru/metrika/
134 KB
48 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
last-modified
Mon, 13 Dec 2021 15:31:55 GMT
etag
"61b73d3b-bcf4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48372
expires
Tue, 14 Dec 2021 10:25:36 GMT
eye.png
www.dosya1.com/images/
327 B
973 B
Image
General
Full URL
https://www.dosya1.com/images/eye.png
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/css/bitdrop.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:85df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22f704e99e3eba37997ab10e4f6324018b844cc6473b907618c120abfffba16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/css/bitdrop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4133482
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
327
x-xss-protection
1; mode=block
last-modified
Thu, 12 Nov 2015 23:34:59 GMT
server
cloudflare
etag
"56452223-147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGpq4NdGLLD6lP1NjmBuawdqwN7Zb8rT%2Fru%2FBblvMuDmDcsZ2i11F0NwmcmW4aW21vkp9a%2F6%2FdNsRvtD%2BtemZNWxcVcOzcebDk4yEAiFZRMZ3eB5L7aW1Blh9yUGsccXa9rSMeGTpXVDIXA01A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6bd662c60d526987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
bvmcdn.com/5bef363c-7f28-4352-a8e3-e1589c8c703c/
2 KB
1 KB
XHR
General
Full URL
https://bvmcdn.com/5bef363c-7f28-4352-a8e3-e1589c8c703c/?width=auto&height=100&title=FS17.Crack.Only-RELOADED.rar&image=&ck=0
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/opdis.js?v=1.0040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6354b2418ef72c1586021c2a3f861cf8f5c6ca6236de7525f489cb7273cb65e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBo%2BccCdNT1OiGJtm6DcB8ii5n8YUgXXPIUGQeu0rjeIDtFbrUA1t3%2BM5AVTUP%2FXn2i3GU%2B7woVZVwx6u4qcYJfGdg4kTkysmTtuOY%2BtP4A1ByG8IcvD%2FNkXcMIGMV918wjzApmwoLPZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6bd662c67e966937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
module.min.js
punosy.xyz/cdn/modules/click-request/
2 KB
1 KB
Script
General
Full URL
https://punosy.xyz/cdn/modules/click-request/module.min.js
Requested by
Host: punosy.best
URL: https://punosy.best/cdn/v3/main.min.js?v=3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792f79d8e2617edd8bfd06d8d252e8d0670988bc7f3670c263f7c3f3afc4f2cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
661
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Aug 2020 13:33:10 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5f3e7b96-6cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDNBOMcJJXiiAc%2BWLVATEWRETyF%2Fa1UGgQWUx2ieqmfBmCTObmaByJB4tcP0pKhdd03EqQDekeEkgY%2BE5rtD5Ew%2Bgd%2FsoXv%2F0iTf4Dh6NZOqzb17z5ryltLGzKph0n3SGJl2dRFn%2Fi9C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
6bd662c69db85b98-FRA
module.css
punosy.xyz/cdn/modules/content-lock/
715 B
891 B
Stylesheet
General
Full URL
https://punosy.xyz/cdn/modules/content-lock/module.css
Requested by
Host: punosy.xyz
URL: https://punosy.xyz/cdn/modules/click-request/module.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c2e4b059fed66baf0f62d091e73e6983474352c8a0cc7c64bec3f0db636d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
658
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 12 Jan 2020 15:10:59 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5e1b3703-2cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhWZkL43LdZPEwYx69vgidOipG86PAcacK6LQuhpapmt%2BHU1HWPePYzW1pIRY8TpcweqVQ2OZDe2077K7wkQIbV4OEMI%2B2N4iHDtGTjpylNj2r6otDpqeeVnzAbX0MSwCnACEB7Jv7Ry"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6bd662c6d8594315-FRA
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9487.4cXlFNG9Dk4U4Ks4jBl7QxXztHBZ8c4KcexOmZ6omnfO9hecU2PM3KK9NJCTyGTp.kS2EZig7UtMmpRLLB84mFrTf2Uc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9487.pCKagl8ALgsb5VAvt6knCiQOD8ZcE1z6M5f1lNiWiVjVhRXBu70M9rWnK2buvAut35kIpOpjr5QZNLyyd0Vfuw%2C%2C.oZ3imG-JpQD3PXp71N9jwNQqVWY%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9487.pCKagl8ALgsb5VAvt6knCiQOD8ZcE1z6M5f1lNiWiVjVhRXBu70M9rWnK2buvAut35kIpOpjr5QZNLyyd0Vfuw%2C%2C.oZ3imG-JpQD3PXp71N9jwNQqVWY%2C
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9487.pCKagl8ALgsb5VAvt6knCiQOD8ZcE1z6M5f1lNiWiVjVhRXBu70M9rWnK2buvAut35kIpOpjr5QZNLyyd0Vfuw%2C%2C.oZ3imG-JpQD3PXp71N9jwNQqVWY%2C
date
Tue, 14 Dec 2021 09:25:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
compatibility.js
asacdn.com/script/
20 KB
9 KB
Script
General
Full URL
https://asacdn.com/script/compatibility.js
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3003
x-guploader-uploadid
ADPycdtH1FS7zKOVAzb_TlTmXJr4jdzOltErD3arj0lawYTGRBzAcQB2bjSZDtjG0cEfj1VOxijv7ZNkRR9PB8MuIp0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 15 Sep 2020 12:10:32 GMT
server
cloudflare
etag
W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=603CN1wsXCkOxfCa%2B8I5H3E8OQ1NN7kot7g%2BM8kuKuXps6dDdIvJ7XNp0lQpe9WGeeKvi6%2FUemsm8F8UQZkEx9Bt8rzXkTsjZorABUpZ3dnVS6oMUCifwSZ5v06IqQd0vY18%2BWsIgadi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600171832181211
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
20647
cf-ray
6bd662c73ac1177a-FRA
expires
Tue, 14 Dec 2021 09:33:33 GMT
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
last-modified
Mon, 13 Dec 2021 15:31:55 GMT
etag
"61b73d3b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 14 Dec 2021 10:25:36 GMT
main.js
bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/
594 B
954 B
Script
General
Full URL
https://bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/main.js?v=0.1101
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/opdis.js?v=1.0040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b6a8e1a07cb9e8221fe2e9387930182ede41e10fbc62df1278acf4eeb5835e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324765
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Nov 2021 15:09:00 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6181548c-252"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBTT3hL8LusJ2sGFu6bCR%2FR%2BjJ54aQGnWfVarXmSu6Q1dag2t96DOhKmNGIUzENAO4PAw7d0PGyCLi0QeWnDRQOZExAMKZbrAya%2B%2Ffgjn5Hq1GiLiImGlcKOYXjJUF8rYSLA4xM8yCh%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
6bd662c729394e5c-FRA
expires
Fri, 17 Dec 2021 15:12:51 GMT
style.css
bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/
64 B
707 B
Stylesheet
General
Full URL
https://bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/style.css?v=0.1101
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/opdis.js?v=1.0040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1054dad3f47490aaeddd8e840b538a62e84e6876efa972a31a58fced6862da09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324765
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Nov 2021 15:09:00 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6181548c-40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm%2FLQhw%2B84jwbVdhwhHOmE9X5kSLNWyiDHnGeRJpaUj4hP5foZBdhpeu1xouZgh5EESv%2B7CK67CFsf1fWOc5%2F%2BiyrX110C%2FD1J0BSAG6QkCTuSo3v%2Bke7HVi9SHeOCr%2Fd%2BuSW7efP6I8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
6bd662c729384e5c-FRA
expires
Fri, 17 Dec 2021 15:12:51 GMT
button-v5.css
bvmcdn.net/common/
13 KB
3 KB
Stylesheet
General
Full URL
https://bvmcdn.net/common/button-v5.css?v=1.1004
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/style.css?v=0.1101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de1a59f81558706123dc04369e4cbea35aac5fe483812c6ea8a04aa9c22de89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvmcdn.net/js/a776b7ed-1960-4ca9-acbc-6be8d4f0f7d1/style.css?v=0.1101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324817
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Oct 2021 10:57:17 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"616ab00d-3483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loQCnbgcxTYYHgj9avosDcG73CCXZohPULhqP773VFrBtuciLqINyp7%2BcRMFLl7c6Npvbsn2SrBynRhOu1jT1RI7Zt6gzrvjeuEfLDwSMWIGs82OJKHzCPDnamigfjqPUTigkuzviQZX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
6bd662c7395a4e5c-FRA
expires
Fri, 17 Dec 2021 15:11:59 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/common/button-v5.css?v=1.1004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvmcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
7974237
cdn-cachedat
2021-07-24 09:40:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2b50aaedc481ac5a56e54a88a5b8c43a
cf-ray
6bd662c76e811f55-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,500;0,700;1,300&display=swap
Requested by
Host: bvmcdn.net
URL: https://bvmcdn.net/common/button-v5.css?v=1.1004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a58d6aa6a80fd4056f5db406746636855bdefce6068d28316c291e3c8e6c079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvmcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 08:56:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 09:25:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 09:25:36 GMT
identify.html
ufpcdn.com/script/ Frame 35B6
2 KB
2 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWR7op4SNXLU3p4yhFRM20jAUp4OEQ9zWfr4msprRrSwnsMRo0sye%2BIgDbry8Uv0JEh8avzGLBH9uDTQPHdjFC9IP%2By6H0WpIGBtZW1cgVc7ByloDLIpiHDTi21eTofx32IUhsjZdHcB"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bd662c78cc24a73-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/
82 KB
82 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin
https://www.dosya1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 09:25:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617
age
3606789
cdn-cachedat
2021-07-24 07:59:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
83760
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
de307f1be3dc90bd11d59b87e56f0e2e
accept-ranges
bytes
cf-ray
6bd662c7a835701f-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,500;0,700;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dosya1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
566261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,500;0,700;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dosya1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
532338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 05:33:18 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,500;0,700;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dosya1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 05:39:34 GMT
x-content-type-options
nosniff
age
531962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 05:39:34 GMT
1
mc.yandex.com/watch/25655309/
Redirect Chain
  • https://mc.yandex.com/watch/25655309?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/25655309/1?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/25655309/1?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A241997964191%3Ahid%3A339728632%3Az%3A0%3Ai%3A20211214092536%3Aet%3A1639473936%3Ac%3A1%3Arn%3A83031476%3Arqn%3A1%3Au%3A1639473936853797316%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639473936150%3Ads%3A10%2C22%2C79%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A10%2C22%2C79%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639473937%3At%3AFS17.Crack.Only-RELOADED.rar&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
98803aeccf54abffa7916737427bd7bf33e91e6e4bc7163f6bd8dd6fef72c740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 09:25:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 14-Dec-2021 09:25:36 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dosya1.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Tue, 14-Dec-2021 09:25:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 09:25:36 GMT
last-modified
Tue, 14-Dec-2021 09:25:36 GMT
location
/watch/25655309/1?wmode=7&page-url=https%3A%2F%2Fwww.dosya1.com%2FyDguCK&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A241997964191%3Ahid%3A339728632%3Az%3A0%3Ai%3A20211214092536%3Aet%3A1639473936%3Ac%3A1%3Arn%3A83031476%3Arqn%3A1%3Au%3A1639473936853797316%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639473936150%3Ads%3A10%2C22%2C79%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A10%2C22%2C79%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639473937%3At%3AFS17.Crack.Only-RELOADED.rar&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.dosya1.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 14-Dec-2021 09:25:36 GMT
suurl.php
onclickgenius.com/script/
0
71 B
Script
General
Full URL
https://onclickgenius.com/script/suurl.php?r=3381383&cbrandom=0.25157947766853184&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=FS17.Crack.Only-RELOADED.rar&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&ufp=45863693613122790731440927200
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 09:25:36 GMT
via
1.1 google
server
openresty
alt-svc
clear
chrome.js
asacdn.com/script/
36 KB
13 KB
Script
General
Full URL
https://asacdn.com/script/chrome.js
Requested by
Host: www.dosya1.com
URL: https://www.dosya1.com/yDguCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dosya1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date
Tue, 14 Dec 2021 09:25:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3137
x-guploader-uploadid
ADPycdvrMQsluLnpoY-aUCktM-J8yqyNtHY9piC9BH2T5KtjDDf5651opWOr1aGterOH6HCPL1lZBrCOBXqlBcKGaSg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 14 Sep 2020 09:15:29 GMT
server
cloudflare
etag
W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FeRJSasdURYcosdpSy2LuH6mFiijZuYADbxp%2BmAXtXENztcWt%2Fc92ezWRF2Au7FOppvPrzwnLvI7UpscGyEb4UJzdOFNg7QctYtaaN8I124YTG8D155Df%2BI1VADR5uCb5QYk2jxUncT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600074929755781
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
37300
cf-ray
6bd662c88c3c6937-FRA
expires
Tue, 14 Dec 2021 08:55:43 GMT

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| format_time
function| seconds2time
function| format_data
function| ajax_run_first
function| ajax_run
function| $
function| jQuery
object| PnsOptions
object| BvmBannerModule
object| ogtitle
object| ogimage
string| PnsModulePathUri
object| PnsSdk
object| Ya
object| yaCounter25655309
object| _0x3f76
function| _0x5339
object| adcashMacros
object| zoneSett
object| urls
object| iceConfig
object| _0x585b
function| _0x1442
function| runAdblock
object| _0x4c8a
function| _0xddae
function| acPrefetch
object| CTABPu
string| js_url
string| style_url
object| _0x30a0
function| ufpAttach
object| CTAMAT
number| delay
object| adcashUfp
object| _0x756f
object| Cnac
object| stamat
function| NqPnfu5829520512063935
function| NqPnfu
object| NqpnfuVfNOrggreArgjbex
boolean| _0x90aa

14 Cookies

Domain/Path Name / Value
www.dosya1.com/ Name: _pns_Subscribed
Value: 0
.dosya1.com/ Name: _ym_uid
Value: 1639473936853797316
.dosya1.com/ Name: _ym_d
Value: 1639473936
www.dosya1.com/ Name: bvmBnsef-5bef363c-7f28-4352-a8e3-e1589c8c703c
Value: 0
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1326787390fake
.dosya1.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1207000763fake
.yandex.com/ Name: yandexuid
Value: 1986862791639473936
.yandex.com/ Name: yuidss
Value: 1986862791639473936
mc.yandex.com/ Name: yabs-sid
Value: 2209066481639473936
.yandex.com/ Name: i
Value: cHMTMVVlfq5pUlvo4jgvkfmhYKty8NZBFifL9XbroilNEqLF1C96czo8hfNuH/+Q1JzMmYwLRChq2k3tXty7R14VeNc=
.yandex.com/ Name: ymex
Value: 1671009936.yrts.1639473936#1671009936.yrtsi.1639473936
.ufpcdn.com/ Name: __cf_bm
Value: EkVccM0.NiomTzpjoLpZJ1yCunCasD8NzS1JX_uTR0g-1639473936-0-AeqxAKqYmfEjVXGFnTGPSlj1tRlI1YWRb5iKqXeUWPd122+mR7klT+GZNGoCAPhLuohPCVpwhZMNCv+ypyS8YsE=
www.dosya1.com/ Name: adcashufpv3
Value: 45863693613122790731440927200

2 Console Messages

Source Level URL
Text
other error URL: https://www.dosya1.com/yDguCK
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9487.pCKagl8ALgsb5VAvt6knCiQOD8ZcE1z6M5f1lNiWiVjVhRXBu70M9rWnK2buvAut35kIpOpjr5QZNLyyd0Vfuw%2C%2C.oZ3imG-JpQD3PXp71N9jwNQqVWY%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This section lists the security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
