Submitted URL: http://paste.pelismkvhd.com/
Effective URL: https://paste.pelismkvhd.com/
Submission: On December 09 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is paste.pelismkvhd.com.
TLS certificate: Issued by E1 on December 5th 2023. Valid for: 3 months.
This is the only time paste.pelismkvhd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests         IP Address        AS (Autonomous System)
12 (1 redirect)  2a06:98c1:312...  13335 (CLOUDFLAR...)
1                2a00:1450:400...  15169 (GOOGLE)
3                139.45.197.236    9002 (RETN-AS)
1                139.45.195.8      9002 (RETN-AS)
Total: 16 requests, 4 IPs

Requests  Apex Domain     Subdomains                                      Transfer
12        pelismkvhd.com  paste.pelismkvhd.com                            44 KB
3         dooloust.net    dooloust.net                                    31 KB
1         rtmark.net      my.rtmark.net — Cisco Umbrella Rank: 12331      548 B
1         googleapis.com  ajax.googleapis.com — Cisco Umbrella Rank: 340  20 KB
Total: 16 requests, 4 domains

Requests         Domain                Requested by
12 (1 redirect)  paste.pelismkvhd.com  paste.pelismkvhd.com
3                dooloust.net          paste.pelismkvhd.com, dooloust.net
1                my.rtmark.net         dooloust.net
1                ajax.googleapis.com   paste.pelismkvhd.com
Total: 16 requests, 4 domains

This site contains links to these domains.

Domain
www.pelismegahd.pe

Subject                  Issuer      Validity                 Valid
pelismkvhd.com           E1          2023-12-05 - 2024-03-04  3 months
upload.video.google.com  GTS CA 1C3  2023-11-20 - 2024-02-12  3 months
dooloust.net             R3          2023-09-12 - 2023-12-11  3 months
rtmark.net               R3          2023-10-07 - 2024-01-05  3 months

This page contains 1 frame:

Primary Page: https://paste.pelismkvhd.com/
Frame ID: B4A562CEF4FA0865D30DF4613051E53B
Requests: 16 HTTP requests in this frame

Page Title

Paste PelisMKVHD

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 94 kB
Size: 232 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paste.pelismkvhd.com/ HTTP 301
    https://paste.pelismkvhd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paste.pelismkvhd.com/
Redirect Chain
  • http://paste.pelismkvhd.com/
  • https://paste.pelismkvhd.com/
63 KB
20 KB
Document
General
Full URL
https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e81262c82ec57ed970441644a37ad39ccb1a949603ab0371b9c1584a188cd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
832f471249476724-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 18:23:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRnJfN%2BjkV8Vuj5L%2FveMmgpWfZt%2Fwl6pJj%2FTDv8rCs%2BG08sl%2BsgMavod6NG89m7Lva%2FBfhKkJ9k5X93IiwaC6N0ZLG8qykGm6pZoYBKwEs%2BucPrZas6EIyjyH6VPkigs4I0zQ00L018KXdX6%2FDpEaa3h8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

CF-RAY
832f4711881cb945-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 09 Dec 2023 18:23:09 GMT
Expires
Sat, 09 Dec 2023 19:23:09 GMT
Location
https://paste.pelismkvhd.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGx5sk8WYUfeoqCYazaV4a01rKK2jehXZ1tSZK4F4C1qbEi0NzrmaDS7p7Zywf20UIpJRuB4ahmCyI0%2FE5pdhWFlQhirKsqlvGeC0Km6%2F0GeH5V%2BV2tkSSgN%2BC0d%2FzlQwwd%2BWab6vgJRgXgHPs6ZxPjTDA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
tabs.css
paste.pelismkvhd.com/
1 KB
682 B
Stylesheet
General
Full URL
https://paste.pelismkvhd.com/tabs.css
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff51434c0c65408fa69339a5d6d8f2f0f4f0d97aac2a521ca1f90afb418b3f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 May 2018 03:09:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONcrP%2BXLB%2Bvj2SR7JhVcPVe7pXrx9iiRX7LSIxWJ2bRYk5Mxxy3PK1lFkbC9b4xYTJ%2BMteApvtzQvtiumYjefASTtx0Q0dTWFbc3bk6R0KhQkAI6UZJoRrngCL7gQTUNd1fVZ8oba34Jozdfm8VuP7nLOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
832f4715fd9d6724-AMS
alt-svc
h3=":443"; ma=86400
style.css
paste.pelismkvhd.com/
10 KB
3 KB
Stylesheet
General
Full URL
https://paste.pelismkvhd.com/style.css
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd72a860de940710b41d5873c338a856f0c49d2b611ebe4d2c585abc85119b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 30 Mar 2020 11:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vje5swXKmUzPoFL463qoF3QVaxHrRq4B3pgQ%2FaJVeAEANhN81QMvcyFYq1RDMUKXTvsn04BScUNuLCtta4TaYQoRyfNrCsIt2TXoofPS5%2BAnpXkUDVyj7sU8FCmdT6Qz8VqxfacCl%2BJyh5R1%2FS2y6Kcl0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
832f4715fd9e6724-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3/
56 KB
20 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 01:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19926
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 01:12:19 GMT
scripts.js
paste.pelismkvhd.com/
3 KB
1 KB
Script
General
Full URL
https://paste.pelismkvhd.com/scripts.js
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e251abb5d7b12d45ba74ce37ec7a90fc128261b2302be4cd7720e4021ca994d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 12 Mar 2018 20:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt%2BVTVP9DOQm%2BpS9yj5U01ngSeNMsZ4%2FmhN3jM%2F8gUlWlg5Qu05HB07LZTbTwXMSJu%2F3QLFklo4sshy95u6vnFOWBD7imIdqQrzg4Jf9LzUy19NB%2FZcdWmmjKU6xdRk2J9jfCDZoEQJmZQUG9hGpMATiiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
832f4715fda26724-AMS
alt-svc
h3=":443"; ma=86400
body.png
paste.pelismkvhd.com/images/
11 KB
11 KB
Image
General
Full URL
https://paste.pelismkvhd.com/images/body.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b86291adbd60600adaf3d740bf37d57c88c66ee50cec9c0c9cb4bc283a1269

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:12 GMT
cf-cache-status
MISS
last-modified
Sun, 20 May 2018 22:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rWZ0BGENUZSl6bucs5sRbKqPBuF5GHGqe2Rx%2BZCSI%2BFhprueoizvoyd1JZHws4jVtP7YceMo%2F8vWb%2BVfknG08RGfvuJLH4shZBC7MZ%2B%2BKEGPs7amfy0d%2FIDFfXBkmsu%2FLgVwIAVUq8Xf22tLUU2pHHDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f4719da2e6576-AMS
alt-svc
h3=":443"; ma=86400
content-length
10997
headlog.png
paste.pelismkvhd.com/images/
183 B
641 B
Image
General
Full URL
https://paste.pelismkvhd.com/images/headlog.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67eeca4f7e8172870902f98f4cdd7b9f56eae45c53d00997f11daa806c5ba48

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
cf-cache-status
MISS
last-modified
Sun, 20 May 2018 22:33:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMeyHd4FQT7nJIsnFZ3sUymDyY%2FS%2FeGdUTxfIE19ctQHRrLXzEfrkg7AavV9dUzkkM5Q%2F7Unm1QdCm5SFetE3BrEjmE0gSMbRQ6%2BoBq7PVS%2BFjbNEjc2X8loIDDTW517tNRMH2kxgn7DqUzE9ptfCV0KVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f4719da306576-AMS
alt-svc
h3=":443"; ma=86400
content-length
183
menu-shadow.png
paste.pelismkvhd.com/images/
2 KB
2 KB
Image
General
Full URL
https://paste.pelismkvhd.com/images/menu-shadow.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e3fa32d3f899dd39558f0686e433044f3cad7074fff181943479d99cf07521

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:11 GMT
cf-cache-status
MISS
last-modified
Mon, 12 Mar 2018 20:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsmIFVTTOGhhQBTau6d60ioBohG5H%2B6piTeW96ayXpS1DqZ7uRDcLeTh%2BOPDSaJLXZGCPaYxJApYGETDnFRucibCTNdD6UN8O5iEUKLO9sAmPfGAcbINFQn%2FbrxbekywObwNCJYt0eFOhY45nzIaWnxPXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f4719da316576-AMS
alt-svc
h3=":443"; ma=86400
content-length
1576
menu-bg.png
paste.pelismkvhd.com/images/
205 B
661 B
Image
General
Full URL
https://paste.pelismkvhd.com/images/menu-bg.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55dfc3b7d18268bcf4f62bd6e380443f9c3dccb446e299c72fe7772e8eea2be1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:11 GMT
cf-cache-status
MISS
last-modified
Mon, 12 Mar 2018 20:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzbsgwvd9YXd3xaIwUfYBAISM%2FCNOo3Dwu33PWF2yqI%2FffEUDhJ02sYfVCHo5KQVKEsRjinck6M66v54UywoHF1lI1tNWitYvB8Z7XPMcICuMUlsdq9lBBISE%2Fu4GHN7zMdFve8w9vGYD%2FvqMKJ80UlZoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f4719da346576-AMS
alt-svc
h3=":443"; ma=86400
content-length
205
mm-link.png
paste.pelismkvhd.com/images/
279 B
765 B
Image
General
Full URL
https://paste.pelismkvhd.com/images/mm-link.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505bcf45c7b14d5f68c9ebfddf838ab636719377a49dca3fbcf576cfb3cbfa6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
cf-cache-status
MISS
last-modified
Mon, 12 Mar 2018 20:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCfUJGXeTMwP7n1Zfnxzmsg97s3ynBMwexmFxWk92y1ZostV9DL6wDawaylfvs8tl1cjl80RXbiErPSxvZrUXEa%2F8jxALV7ZA0BnLeygfDQmNc1Jg1oHGMbuztgn2uqkF9YiLgkHoQFaJ6LJqAiXAduimw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f4719da376576-AMS
alt-svc
h3=":443"; ma=86400
content-length
279
/
paste.pelismkvhd.com/
0
428 B
XHR
General
Full URL
https://paste.pelismkvhd.com/
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6ijrYh1jN3QJ1%2BeDpzrftf7v25aap4QSUaigE%2FPVfZiPookmfuWwkjjYrxQTs9TM%2FCJzZaGkzZryeiPhUdoFowmo7g0Hac%2F%2F5GWWqQn1c%2FeFurr37lcbEnldY9Cvgwg2MEbvoHMD6GXCiWyHfaSuEoikA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
832f471a1a896576-AMS
alt-svc
h3=":443"; ma=86400
/
dooloust.net/5/4822716/
3 KB
2 KB
XHR
General
Full URL
https://dooloust.net/5/4822716/?oo=1&aab=1
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b86411d2011573463046860e340da8e2b91940794ef7a953520d060fa0c9e8a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
content-encoding
gzip
x-trace-id
6a7740b1e48f8722f1acad02eab0c5db
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://paste.pelismkvhd.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
dooloust.net/
79 KB
26 KB
Script
General
Full URL
https://dooloust.net/tag.min.js
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d30f02bc7f12210b8f45388e88c7049b591293829a62ec1e5bcf8410eb262f9b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25677
x-trace-id
d7f01ea9e325b4d3e1e7bc54a17a1f4f
pragma
no-cache
last-modified
Fri, 08 Dec 2023 18:32:08 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
footer-shadow.png
paste.pelismkvhd.com/images/
2 KB
2 KB
Image
General
Full URL
https://paste.pelismkvhd.com/images/footer-shadow.png
Requested by
Host: paste.pelismkvhd.com
URL: https://paste.pelismkvhd.com/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad101acb1e8f32be9f0a713cb8f8a33e56db4a28929c039c3035f7a6d1e9eb0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:12 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 12 Mar 2018 20:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9uJPfJTHNeipFDhcMfuZxdGS%2BAWKS3IilI6b2dci258U5raKPTh35dwwanCVJaK7dHYSaUwFNsWvVIZXi4%2BbEq6nkwXT8E3nf9xzA4i0IqTiyDxXrOlqZCQc0Q2dhhVHjJJb1rqx%2BMLa%2B4VZ6T4YCwDHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f471a2a8f6576-AMS
alt-svc
h3=":443"; ma=86400
content-length
1571
gid.js
my.rtmark.net/
65 B
548 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=6a85cb8e81434da18d397a7d5578be5b
Requested by
Host: dooloust.net
URL: https://dooloust.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fa87754b1388ee190d321ada72f9ed353284c39eb01d9e0e0c7847659d9d72c1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.pelismkvhd.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
dooloust.net/
2 KB
3 KB
Fetch
General
Full URL
https://dooloust.net/?rb=JOI8r22dwSEjs6Br6jmth77a-_TMde4hzOA-u22Mq0ErA52GEgo7vVeSp3dRP2dhGwFgBUDq3DPVnTSJ9V1f-RhRQPPfEEtZCw9zccoSBWvrGthnYvyC-MfngVXndhtcYEoEzPNg4hayPE5CGDTsYyLiF_Xq8-ww-alu0kvTCJ8QeU4LJ0lWfv02QhLq1POJ3mBH26HoLa2IqYk8lhUT3Ueic3Zi8tH8AItT2cESkKjDThHKm9on6KQ963bhC3N87OL1UZOJSGDJrX2FLpjg3APj6eYOV0iJ-5KDfw%3D%3D&request_ab2=0&zoneid=4822716&js_build=iclick-v1.642.1-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fpaste.pelismkvhd.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.642.1-auto&bs=492131f2-21ff-46fd-9b03-c3923e5adab3&userId=6a85cb8e81434da18d397a7d5578be5b&m=link
Requested by
Host: dooloust.net
URL: https://dooloust.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
211ac6330b4ec9120f9af5bc3195ab55c119bfd3517fa952f9136a4fb67e7c60
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paste.pelismkvhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
6f9a478bc5f63bc149c41b99c41eeff9
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://paste.pelismkvhd.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| $
function| jQuery
function| bb
undefined| actBBc
function| BBhover
function| TTab
function| htmlEntities
string| k
object| _vzccu4pheij
object| plbxeyhwnc
object| zfgformats
function| setImmediate
function| clearImmediate
function| _rqfhfiv
function| _tqlfoex
object| zfgstorage
function| onClickTrigger
function| kkp4a5x5tv
boolean| zfgloadedpopup
boolean| zfgonclickfirst
object| syncCallbacks

5 Cookies

Domain/Path            Name                Value
dooloust.net/          OAID                6a85cb8e81434da18d397a7d5578be5b
dooloust.net/          oaidts              1702146190
my.rtmark.net/         ID                  6a85cb8e81434da18d397a7d5578be5b
paste.pelismkvhd.com/  prefetchAd_4822716  true
dooloust.net/          syncedCookie        true