| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css | 104.17.24.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css IP104.17.24.14:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hashded1c367363e8b20bdc6a19b8350a737 8c06d82739d14b094ff6d9036021a252bd1d985d 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 119834
expires: Mon, 07 Apr 2025 03:08:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiRUYWvUWTJnRkfUGZx7%2B7DSZPd8yKWVUWS%2BVSVPw2SINYrAR2IklxshAQsfLNv466WlKMIY0YNcvTJ4D1ofFQgS7j5mGKc2E%2BVvH0DLMoQ61yWxYgEhckvvhaIgXLFTaa%2B4CgTF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875936b5bf9c56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.24.14:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2848846
expires: Mon, 07 Apr 2025 03:08:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhFhooFJNtb4VSkx367Z2oDp6tmGu%2FkS2%2BIv5MRUuf3JDSCnZ6Ko5%2FnigoKfMfBBjNivoAOeQIZkpqbp3dPbu7vibY4ZKZ1TsdXyPSHQTBxc1Ch2HsGYVN3u%2Bw57V5AD45XKA6%2Bh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875936b5efa556bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 | 142.250.74.168 | 200 OK | 93 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 IP142.250.74.168:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash46961dbaacc14d0a33c8ad2e6cf41696 53a81c9ab38b4cfbeb5c7b7206c0d31a8e07483f fe8e6b9c29771862b453ff2ad7b55e3cdd073477623a6822ddb4018f8b56af3f
GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 03:08:59 GMT
expires: Wed, 17 Apr 2024 03:08:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 1.7 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap IP142.250.74.106:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash213d440b827aa0242802ca6bfaa26937 4176157d7cd5060d897f6ebbe459f64346ccd229 3f062198a1ba82644577cbbcdc061ed702ed9d13f4adf49dad8bb71b6b6dd159
GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 03:08:59 GMT
date: Wed, 17 Apr 2024 03:08:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 | 104.17.24.14 | 200 OK | 25 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 IP104.17.24.14:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 24948, version 772.256 Hash61f30b79daf5b31f0d254a31fba66158 fb363d27cfdfe71a243fa2ac3dab2815232b9b7e 8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 120312
expires: Mon, 07 Apr 2025 03:08:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBhgNDY8aaEK9ECtjOpSdN3Lqr3guCLmutGJPwBlbKKRCHISavJMTQGjDk%2FRgYwVE0WR5nUHV8GrHlnicZuWJWV1MDk6lWczNh6ruwQH6agXnPWCzl0FUWF9ODfubCpQIGDpp7WQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875936b9e90756bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| paste.fo/assets/svg/twitter.php | 172.67.144.225 | 200 OK | 151 kB |
URL GET HTTP/3paste.fo/assets/svg/twitter.php IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1054) Size151 kB (150720 bytes) Hashcc846134fcb44b9037eedbe94d351335 02ee7a8c7cfb91ddb05a2d08e9335d408384ea49 b69cdc4a1472bc829f824efa2102ee740c0be093c77e6c935d08bf2347bc04a9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/twitter.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mfuq2kTzwBdYJIxoSaXAN8n%2FuSG7RGxAwkUs4PTwkiJb0aFKEuQ1%2BUo1LRwGu6R3RNE4Besme1UQAetr0BlHDSqb8eIcw9%2Bj9xMC0aAg4THY1E0EDBht8nNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5aa37b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/img/bg1.gif | 172.67.144.225 | 200 OK | 25 kB |
URL GET HTTP/3paste.fo/assets/img/bg1.gif IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashdcab8f9443952c7589be3e4db6072853 824ca8c921eeca604844d3f00d08691631199201 a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/img/bg1.gif HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmGWjGcM5LkFlCqQFxfXPwgJSFySz%2FJtl9vsSWJ37bTE9bvfLuviYMtUNpBccPN81X%2ByKDCqLTX8S%2Bf2Os%2F%2FNGQpOFlpINfZ0LZFh%2BXCvfU8ZxoRPEttC2Pd3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b99bb7b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/js/hyperlink.js | 172.67.144.225 | 200 OK | 1.0 kB |
URL GET HTTP/3paste.fo/assets/js/hyperlink.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (630) Hash754527075e7f43e5b376a6879d591ad3 019edc8ec844b25f28c0049c56aa09c5cc0a5121 d5ff35dd76c5fa9ebfe3b89012a8dd40e85a89ee50f4f85623d338f0514e15d4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/hyperlink.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2060
etag: W/"80c-614ce4abce86d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYKEqkw1XGWbWL7XnTrR3FjG9aGjiUfm6YDGvPAK2jz%2FeL4vEeVq4cm3hVBSDTyDa3ECscd6NFfyNFro3uYdobAcfwRPEskhmvJgqN%2F1plZ3Sklb%2F8ZR3VIJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5aa30b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.144.225 | 200 OK | 22 kB |
URL GET HTTP/3paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash156dee5af63f6f0afcb35435e11dd44e 33e56429413b31b778d4efc2079cbb4eb301737a 4bcda3a29b920ab13544e2898b648c4314520d95ba326e953875e360a3e42995
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q45i1C5DojrRylfPG2i2Csf%2BGJN73J3qhAiQ4PGgQcBNWjbk1mSkBsquQDqBGCVM%2BJtnntM10SAfh%2FQ0NPcOGVWS6iiHUzBi%2BjzJH8wOOjsorPrNKsCJ9BczGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b5ba3cb505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 19 Apr 2024 03:08:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 IP216.58.207.227:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21528, version 1.0 Hash6113a25a586aeb6d0d3af5b5b652b973 25619eeae1fe17389310e4d392c427b7711dba44 539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:41:26 GMT
expires: Fri, 11 Apr 2025 17:41:26 GMT
cache-control: public, max-age=31536000
age: 466053
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 | 104.16.79.73 | 200 OK | 28 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP104.16.79.73:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typegzip compressed data, from Unix Hash5108d118ad4af913cb82e0e2eb99f397 effe05a0bf22efd38247688214a287e80bcfa760 0083e178b0bf2feecbed18d239e486f26f52ec3949b4e0f146fe9bdc530fa920
GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b5ec3b1c02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| paste.fo/assets/svg/thumbs-down-regular.svg | 172.67.144.225 | 200 OK | 1.3 kB |
URL GET HTTP/3paste.fo/assets/svg/thumbs-down-regular.svg IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash474a2e020269034a296989b87f4c7833 5a4f05d10c284d86bd395bd1ee9ea783ce7aeea2 d978602a2ebecea81d86f2664b8919dbeaa3c3904513eec9e940b0e08b8f9c73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-down-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5f1-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4060
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FNiI8ozfn1FJMifDk%2BLPQMhA3TNJsk1dYynpsPJeeVA4RBuaOLFnVxDXoN1SR7XjFa6UTBxHT0qxLRFj5GISAks7P%2FSaReZwtuUaiOMX6WXww%2FEaDWWZ%2FkXTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b5aa34b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.144.225 | 302 Found | 0 B |
URL GET HTTP/3paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 03:09:00 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIra7%2FYxC5x5Q38bx2%2BXVtSYR4iEpkeKinGIvIoNI8hkMrwZiKmMtGwtq9KnOeNsx0RQ9vjxd4YSYQMnuBrYm40rPUb9aBWvLmhTL4fUAVhzmWGzzTV9wZokGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936bb7c49b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/rum? | 172.67.144.225 | 204 No Content | 0 B |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1029
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a; _ga_HKXR34F8P3=GS1.1.1713323340.1.0.1713323340.0.0.0; _ga=GA1.1.1596048308.1713323340; cf_clearance=UxXUcmdERQs_RGVMgECddqRz6NyorxZQfeGug6fs0Zo-1713323340-1.0.1.1-PeS_e9AQfAVkmlZMXBmvYKk84euqTAudBcggOGIxpYoM4ekBdYr3DNOewWXd6.b.ZGT9IKJNsxm7SG7D9ODB4Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 17 Apr 2024 03:09:00 GMT
access-control-allow-origin: https://paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 875936bebd9ab505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| paste.fo/assets/svg/discord.php | 172.67.144.225 | 200 OK | 4.5 kB |
URL GET HTTP/3paste.fo/assets/svg/discord.php IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1557) Hash9e11d725232644a01452b56fe0fa8bcc 72bd4257388bceb963492b4e6c4a72cad7d3be96 99d543831ee87e57ca87d24cc16028b0e7784a41754b95ade07e069ef56ff8a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/discord.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdoOnz5zvySN8E9ZskFjdjEUWCwJLejCyVbmpb6YJcN8vmp7TYFiBK1g6s%2FAv7Ug90XZNBt2%2Far%2BZBszK7EsAd%2BBvX0xnXXkvOjUlS8QnrvdrAze5sdOMOVwvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5aa36b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/user.css | 172.67.144.225 | 200 OK | 1.3 kB |
URL GET HTTP/3paste.fo/assets/css/user.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (5214), with no line terminators Hash45159948a0d994fd556fdf10f6b38726 e8979376755cef038f4758ea0d233b04c9f787f5 9924b095678c7bb39f02707339cc66e43e2e3c5b303ae40a794fdd701ae8745d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/user.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7053
etag: W/"1b8d-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dv%2BqNZvPnPdI8mMIekuVkGfq5lQzbPTp1nhJKN8%2BFdGrhqilbv5cQ9DCX9cn%2BPG5PPcw9lU8jD2mSyp2Wbc8MjzhvWx4E2GVYWFkG1BvHCP9kJCx0LDtMcLZHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b56a11b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/cio.css | 172.67.144.225 | 200 OK | 866 B |
URL GET HTTP/3paste.fo/assets/css/cio.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1152), with no line terminators Hash6a91b9352b213689c0432bb87eddb2ae 4a9beb1f3a827dee5a03a246a296fac2f3677165 5721962451086a4c469a6d1b1e4cc133f03c3ea0377916a91b45373463855620
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/cio.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1653
etag: W/"675-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vy7%2Bup85%2BSamYAtvevjSTqH49IpOdiJo%2FF4WeIv%2BzY4M%2FxTGiCMHOnWiFHvzElQotElVPE%2B5SyWIWEh%2BD0x1DH5WiKFvQJbRqwGDJEbSjW2WaS%2FuTSv3KKJBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b57a13b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/style.css | 172.67.144.225 | 200 OK | 2.8 kB |
URL GET HTTP/3paste.fo/assets/css/style.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (10693), with no line terminators Hasha9579467f8b95bbcdbd6232105e6a253 df9b19ccebf1eca5fe14169881b132813919345d 22877d598e09dd9f8452f52a500181eae909e3f4aaa4d4c49e0b0b18cfbd60da
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/style.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15702
etag: W/"3d56-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kgGiwahB3pBHn40I8lJK1TwD1JZCLQo1umuV92G27xf7v9MZlFJW1hdu7iYbfoMfn%2BZZbwqd9d5nZfKz2aVnizU5cGnB03EmcIPK2d4UfeOfwvyc6B28Ea5U1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b56a0fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/875936b28d6956c1 | 172.67.144.225 | 200 OK | 9.7 kB |
URL POST HTTP/3paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/875936b28d6956c1 IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashf6ed4f58d663a5c394adead4d111e821 6d525c708e8d0bafe0e889020e31e31f0c9bcb6a 48af020cea0dd438e79c1438fcc65e72a13525fcb623d40b160ccb82e6dcd4fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/875936b28d6956c1 HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12137
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: text/plain; charset=UTF-8
priority: u=3,i=?0
set-cookie: cf_clearance=UxXUcmdERQs_RGVMgECddqRz6NyorxZQfeGug6fs0Zo-1713323340-1.0.1.1-PeS_e9AQfAVkmlZMXBmvYKk84euqTAudBcggOGIxpYoM4ekBdYr3DNOewWXd6.b.ZGT9IKJNsxm7SG7D9ODB4Q; path=/; expires=Thu, 17-Apr-25 03:09:00 GMT; domain=.paste.fo; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NW5X1ZGAhxry2f7t%2Fs2klwFUijOyjwhmddwTQtMQihQBTzZ%2BjdqZrdBFoqi2g3N6Ybxcv%2BFavRPzCXXlNIgK3fBzhkOmwjxFnbtA4fVotP9rsn0yeicmtRXUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936bcecc8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/8EA47129MC594641114703161F0F4F5B57044B525E1F5F7D4F1A164F7AMB4E5D185259554C021C0A5659560908040255531B010C57.jpg | 172.67.144.225 | 200 OK | 3.0 MB |
URL GET HTTP/3paste.fo/8EA47129MC594641114703161F0F4F5B57044B525E1F5F7D4F1A164F7AMB4E5D185259554C021C0A5659560908040255531B010C57.jpg IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 440 x 110 Size3.0 MB (2976372 bytes) Hashcb79bc28e3c3ba33333888fcb030230c 11ba702c3f4f15cc3c7f3c8fd1e02ba942b8263e d3368a09ea42337f4d04b6866aed64bf35c79e264f587ad051c72f0b4376eaed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8EA47129MC594641114703161F0F4F5B57044B525E1F5F7D4F1A164F7AMB4E5D185259554C021C0A5659560908040255531B010C57.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: HIT
age: 468
last-modified: Wed, 17 Apr 2024 03:01:11 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NFCiqZJOUUPH8NmqKPeqfHTwqcJZOXehGu92JuB94Xi%2BNBRPdJ3jBwDXefVfZageozSOKNQNumSGgXsSlWDF7lgrKap9pPNrH%2FRbJTBvUn3q4lLSpBxph2c3gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b98bb1b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/c/282d0ff/hsw.js | 104.18.125.91 | 200 OK | 238 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/282d0ff/hsw.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0a4lo9bkeg5k&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size238 kB (237491 bytes) Hashf593c8f46e9cb4a93e13a33ec29e7214 40817a1a4bc1e5418a8cba7ecfcd5d10e5dd6e5c e9299541a3837fefdaa7e596c82626eb26d5774273b13a2590cb4a71845880f5
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 22 May 2024 03:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bf1a08b512-OSL
content-encoding: br
|
|
| paste.fo/assets/svg/email.php | 172.67.144.225 | 200 OK | 9.4 kB |
URL GET HTTP/3paste.fo/assets/svg/email.php IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (576) Hash228beb59530af110cfac760f33b0868d 4c6909e4a1939dfccf4e38d430a39855d35bab47 779ff7dada730e034b90d2a74d93fc1fc74f332819bce6d98d81f4d42762e37c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/email.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dgsPgMZJBQaHCaYEBJxwoNPz87LjcAJpv51Y4aaoRZIzPnKLaVdivsaIV2d5K6tURfmcLPPwLPOavY2Ss3SF4S8OSydN%2Fo%2BWDyTLZ%2FLnfLWoWe20Ev51YTRPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5aa38b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/python/python.js | 172.67.144.225 | 200 OK | 123 kB |
URL GET HTTP/3paste.fo/codemirror/mode/python/python.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1008) Size123 kB (122718 bytes) Hash0f85fa739faa6c58233a3576fa0bd324 d9abf35ff26170be2399e4432785ac152ddd711d 08c699cbbadb7aafb466ebb10da8b506cd3af41f400279eafcb7ef95b8d02839
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/python/python.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14926
etag: W/"3a4e-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtNRtkYhoynYD7kODvXuiQ9LcHzpxNIemAnKTaQLVMvM3zMZ6m8g27DtUSDJ%2BfDRqj%2FRHHlRuu%2FheGuV7FXPxEJlYeby4WoBEwD4bCUzREFRUh3Zr4NAiqMqaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a29b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 | 104.18.125.91 | 200 OK | 7.0 kB |
URL POST HTTP/3api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0a4lo9bkeg5k&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Hash16a817c5e8313c84ce9026f7a7a8b80c e91b66572a3f8d5017d902c939435406e047fe5d d692d2b8356ef7a0f3fffc1a72cf7861121ea3bfdb9a05dada5f03cfda508917
POST /checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCyUU4LR5W71o; SameSite=None; Secure; path=/; expires=Wed, 17-Apr-24 03:39:00 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bea9dfb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/CSSk82c5f021f1e6e4.css | 172.67.144.225 | 200 OK | 4.4 kB |
URL GET HTTP/3paste.fo/CSSk82c5f021f1e6e4.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash561f0f3d4e1cd22752c65159d6128b54 2a71aed51d17439c279f8683417860223669adad 3aa54649c7e26f284f605e98177ed669717e3253ff2fa7ed57b9a252d71ebfa4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /CSSk82c5f021f1e6e4.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 03:08:59 GMT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpmjhB6dP4NDLLKYlD7rE7KHMkgT4XE02hd6jdlarNz9XWzfCXFYJLGbUiz59f8J01Sdu8WGQUTYCTlHqZ%2FjhzAI2GrKcrdaoEoq9PUVBiOtII3Qem%2FH0%2FZZtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5aa31b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/22157718MC51411211450A4C1708170C56041C560C1E460319075E725AM71D011C5E51561506145704580109530E070B011A015B53.jpg | 172.67.144.225 | 200 OK | 6.1 MB |
URL GET HTTP/3paste.fo/22157718MC51411211450A4C1708170C56041C560C1E460319075E725AM71D011C5E51561506145704580109530E070B011A015B53.jpg IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 600 x 150 Size6.1 MB (6077928 bytes) Hash8efbbc09e3210135e3e396c3ae25882f 0277c6e3e06293b25e3530f6609ea960386f5cad ea8595f0607090ccda626efbd182cb343f6200ae1809258f6e78cba24a67e066
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /22157718MC51411211450A4C1708170C56041C560C1E460319075E725AM71D011C5E51561506145704580109530E070B011A015B53.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 03:08:59 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJr0xxBjKtxdjcn%2F40Q7XDEHmy%2BKKd2tNjZbRftvvBuAT4DYvFS07JJMzkGFMbHWy8SdG0pm3RhrofRa9ugluCKOid7MsVnwxXn7V3UaYq8%2BgUd3fZbqMjUrbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b99bb6b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/rum? | 172.67.144.225 | 204 No Content | 0 B |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 481
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Wed, 17 Apr 2024 03:09:25 GMT
access-control-allow-origin: https://paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 875937575bf0b505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| paste.fo/codemirror/mode/javascript/javascript.js | 172.67.144.225 | 200 OK | 30 kB |
URL GET HTTP/3paste.fo/codemirror/mode/javascript/javascript.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1412) Hashb5bf8a874f93ad7109c420727888ad47 8d08219bc1257d5537a649cac713ef426158b9a8 4a0ab339997f3729a8eb6a08fca6574408918d1684eaee21760a438bbea82189
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/javascript/javascript.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38892
etag: W/"97ec-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUx1cNsdk2r0O58%2FZMuwUSN2ylpv8qOgFk%2FaZNNXnblDIYSUr0iIGaQX4oLA2Awc7fWPltn4g9pk4%2Bw24qOf%2BMw1gA9xH1Ic9tuI0xTwPO3lIHof8r77AJlfdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a25b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1768), with no line terminators Hash825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 03:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bb488fb512-OSL
content-encoding: br
|
|
| js.hcaptcha.com/1/api.js | 104.18.125.91 | 200 OK | 0 B |
IP104.18.125.91:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 03:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 875936b60cc05699-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| paste.fo/codemirror/lib/codemirror.js | 172.67.144.225 | 200 OK | 262 kB |
URL GET HTTP/3paste.fo/codemirror/lib/codemirror.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2035) Size262 kB (262407 bytes) Hash9775b8d7cc0bda6b762fcef0f617a5dc 42c642c7a6c070207773fd5ef00310ed4ef8380f c6f3c3f85b438110a153601b764ec02d90a4899c37e7699e9187c01fe5b96c45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=401347
etag: W/"61fc3-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pf2wKHT5EOty%2BJZlQrRMKietX5tIQTHZVhlZJI6Evq%2BJWDh%2F0rpEo6t%2Bd8m9FqGGL1cloMonZdpjlMBxo18qH%2Bh925KmqEk9uNQ6mId3ea0S74TcpPStD9vdlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a23b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/responsive.css | 172.67.144.225 | 200 OK | 4.6 kB |
URL GET HTTP/3paste.fo/assets/css/responsive.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (4570), with no line terminators Hash85e024d58588895496ff6e65f47a0484 ff6cb78df5ee61dffa425ace5283407ee562e4af fd51897bd68e6bdf326bfb11b3580be32da026ab50c5e494677b202f93822877
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/responsive.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7512
etag: W/"1d58-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmDGwyFiXaTDY9rkzMdxz%2B2WNoY48bnozxu2xj4EXUtZePLYu9APyHQes1RZeMYKU%2BGRJ1wWV0MEbwS1zQa0sWkpXrvVHLwZUa6289U1dU4izXwsJ%2FGOCxgspA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b57a12b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js | 172.67.144.225 | 200 OK | 43 kB |
URL GET HTTP/3paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42951), with no line terminators Hashf15be88a3c9bf40debcc080b125c7e91 4a636976285768dd43278f43d63ba5779f3f493d 8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpJmPpFihzaLXrxjwp%2BuTnBHjizQ%2FQXRapJbbBT79955Ui0xVsN9QYxY6fbGe36SNP7lrzLJl0kidf1r9ONBoN%2B3ZyZEG5znIBJIE6jjIM2dnWyox0EgWYpHuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b58a1bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/lib/codemirror.css | 172.67.144.225 | 200 OK | 6.3 kB |
URL GET HTTP/3paste.fo/codemirror/lib/codemirror.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (6275), with no line terminators Hash2562bc2e52c5852b18e87ec08978ba49 54c7e49460f3235492050057453609fedcc01e09 73d08a4fac48937ec5ce812b154c088351783009eba0c22644ec91ef9a0c0ff2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=8720
etag: W/"2210-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6yEVAP1tZvGEb68Ee26IX3qigVUClB7Hn8i0LMOywQTQTd6KtR1xOmwrwFKcHilouomVI718vLFbRR8fh6LWRWSkUFlVtJr0mYa3w%2FlpAYKSblMh23zK1u86Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b58a1fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js | 172.67.144.225 | 200 OK | 7.9 kB |
URL GET HTTP/3paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7886), with no line terminators Hashf1527b48a6a5e161cabae657c4612a99 42cf5a8668878b42a7133bd0843d040286b8228f 6129a122ed49ae679e776b541df6be7a0b33b3a824dc2a043552b9ccaf7958cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
content-encoding: br
vary: accept-encoding
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAulU9RN8uxiEVW%2FfQWYhIQ0fHFj%2F5k8J7L0fX9p4rO9kDXlhNG25yAGHh2k21VwYALA%2BdRVYU8CuIgbOlr90FYv6TR4WP0F%2F27m%2F1MCD0ToM0u9D1Ne3tpLEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936bbac5bb505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| u.paste.fo/api/send | 172.67.144.225 | 204 No Content | 0 B |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://paste.fo/
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Wed, 17 Apr 2024 03:09:00 GMT
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1LZwq4hvvYeu4mnsPA%2F%2BoCOg6zSIpCgnlcyLZj2I6NKbWqMrGFyswprRRDqhqlsBaHCCcrXKCNMoJ6euLIWXlNF74jbxtFXhPPEUk6o4xuVjjKMEtw6%2FKFAYE86"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936bebd99b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/css/css.js | 172.67.144.225 | 200 OK | 33 kB |
URL GET HTTP/3paste.fo/codemirror/mode/css/css.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19025) Hashcbeb7b6de8ada022149bfa4792e625ce 4f4f5c1bc7dfa002df676fa44ecd6d7294ba4c12 dea0ae84464fd019f70399964e19a94d9c27086aadb937e522e7a7862080132f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/css/css.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=40492
etag: W/"9e2c-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHyBSyKwReF1z6BJ6RwNiUhmEgHppgMQnQRRZkvteE8%2FisGCTMpw5XviSt0fbFY%2BQUIZhNnLG0%2Btt33LgA%2BgNUV77Avds0d2njVpBO1gPoYYfvgMeZ4YMCVImw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a26b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js | 104.18.125.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0a4lo9bkeg5k&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387091 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 03:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bc48d4b512-OSL
content-encoding: br
|
|
| paste.fo/node_modules/@sweetalert2/theme-dark/dark.css | 172.67.144.225 | 200 OK | 24 kB |
URL GET HTTP/3paste.fo/node_modules/@sweetalert2/theme-dark/dark.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (24342), with no line terminators Hash80b002261f8a746e3756d6883342252a c8282deb8dfdcdf89ca54c6d6e34b23bc2beeb22 6b7dfdcc77e85a9db663a990f749d892c774f63254404cf2a72b312a8136bfd1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/@sweetalert2/theme-dark/dark.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=30018
etag: W/"7542-614ce4ab9ead1-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCG%2FpzjrhqFJqsCZiiplCWBHG4PcAy%2FwynfHLNonOQxRJ5j6SQCZqFvC3SV6EHvYiuSVq7J4Hdw53GIW2v%2BBbyLRFu2Eexv%2Fy7EBDmGRIJeptENQjBjK8I4J4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b57a16b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js | 104.18.125.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=1t9vzl6l9a7s&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387091 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 03:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bc48dab512-OSL
content-encoding: br
|
|
| paste.fo/codemirror/mode/sql/sql.js | 172.67.144.225 | 200 OK | 50 kB |
URL GET HTTP/3paste.fo/codemirror/mode/sql/sql.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (43375) Hash3cdc1020173551b4420eaf86ba005542 b8d24d2ff67841845091e27077fb018dfd90dfcb 319f94b54817677bb7cb4b39e3c1188b7036b60f6e83d7fe4dffcedda4244713
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/sql/sql.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=59538
etag: W/"e892-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=235G%2BpcAVhOn1EaDGniYYJvhblQhH6pkrh0nO8UDjcRhZAetyBwHnZVVSub4NhXucuKP%2F%2FD3LuPXMXjtH9dPPtziMLAnt6MHo91iKD%2Fq%2BgRGF%2FBGOO1N4m8roQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a27b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/htmlmixed/htmlmixed.js | 172.67.144.225 | 200 OK | 4.3 kB |
URL GET HTTP/3paste.fo/codemirror/mode/htmlmixed/htmlmixed.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4466), with no line terminators Hash73c369bccf3c673d012a47bedd8b20f9 ae45e0588f3aabb9a119bd6b02f13cdc104c3280 e45f8bf1878c28fd125fa5dfc9ca4cadf247e70f5e5dbef0011fde8c76549b8f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5688
etag: W/"1638-614ce4aba4890-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4060
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkjeF5ZnlLBQTyj9NAtVTTCCXPtV53Ld90cT%2BxqR7nlYcv4a6pZh8m6eHPkRfma9L%2BjLqtbwo0alFRqxhz1dGfazU6oxVIFXui7gKQsLKQ6iB7Uk5uk8wmGqHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a2fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/shell/shell.js | 172.67.144.225 | 200 OK | 3.9 kB |
URL GET HTTP/3paste.fo/codemirror/mode/shell/shell.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4178), with no line terminators Hash1fb1a5f0a5a0f7f83eb82387db65fc74 a5353d03502f139dfa6d0436d3d904fd4a9c8100 afdac0b80c01d7befa0215123909a24ddec78f9148282e962894284f1a5762a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5383
etag: W/"1507-614ce4aba2950-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5l%2B2wrRjFO1hMItyLXiK%2BvrR4DwtckMxdLHB0RzPXHVNgrPZJQUSVI%2FxoSAsN3wNNCRbRRjXuIctQIHz9zV6reNLXzojWmxGpjk7fRjIcKi5qIJEsELLBMY%2F4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a2cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1768), with no line terminators Hash825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 03:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875936bb4892b512-OSL
content-encoding: br
|
|
| paste.fo/codemirror/theme/material-palenight.css | 172.67.144.225 | 200 OK | 2.5 kB |
URL GET HTTP/3paste.fo/codemirror/theme/material-palenight.css IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (2481), with no line terminators Hash3478d0a15c06b2059f72536e171912ee 774e48edd31323ea84723f8ef3eca1791f10d69e 0500595d586e40f69d933d1835fc02b7e4df3ead14a02cabadf13cec0370ab61
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/theme/material-palenight.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2969
etag: W/"b99-614ce4aba19b0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulBVQJl2E2Hmu92TRh%2By5djxv8vy9hoe7XXY%2BubgTtzVsSRGqYutw6d8FVVDYMyev7iwq7CdrVm6q7A6K7nsItFbDv2kPlu2A%2B7BoP7JFeCkoulWf6bbFbE%2Bug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a22b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/xml/xml.js | 172.67.144.225 | 200 OK | 9.6 kB |
URL GET HTTP/3paste.fo/codemirror/mode/xml/xml.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9904), with no line terminators Hash3ec07361d74afef5a6157560b789479f 34b9c1956f2ad4cd02ff2155615cda04f17bccfc 05c1e29bd73a327db390a83066b86acc99162f86e2ded090cbb70fd84d94e575
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/xml/xml.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=13353
etag: W/"3429-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYztvpQSY7VVtIKMB8%2BlYFQLP7hPfxOER3ydJvdFXKvq%2F%2FVQj3QRW84773OU2g9GsEaRwEyFxI0Ok4yVhpEG4yK0YpcrpMQgX95IjhBI2dYT9j1HRno2Vf3RIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a24b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/php/php.js | 172.67.144.225 | 200 OK | 16 kB |
URL GET HTTP/3paste.fo/codemirror/mode/php/php.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10405) Hash435c5cc4f876bcb6369acfccba865995 a65908ec04cd4f6907098d22702320c7f88e725e 1ece120c4b6f866fc0f6a32b7a031709a76d3a192025fdef0931a52953f489cd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/php/php.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=18339
etag: W/"47a3-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4062
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqDOPnxR%2F%2Bg%2FfP883svl89OdAs6GZ1mtRed7urkB3KWwCwniVU8rEuzE0uxqXNdI9rS5JrbB8QnlKm1yMhuOa8efvzSnkEJs86TTMkOWqiqy%2FPHk7NuyL1gDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a28b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/thumbs-up-regular.svg | 172.67.144.225 | 200 OK | 1.5 kB |
URL GET HTTP/3paste.fo/assets/svg/thumbs-up-regular.svg IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash8316f24250b74fb4d08b7d0d8d7d1a66 e241a00103a7a81d5678741010703fddd7de83dd 7a4a04f8e984441f7a9fd9d4a796726e1d9b2124095688d9ecd0b891ab2f84e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-up-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5d9-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzdFp1hZbqwQVdaNeUiScX6p6rrG1NuxyZU40RHKedxhtENicn3AnuRemDlBPCbtWUVGGoxybpyTJiTGB1NbXkGaxxxS5CX0y1wf3Xw3mhqa9JRJnDyZdw9t3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936b5aa32b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 | 104.17.24.14 | 200 OK | 150 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 IP104.17.24.14:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150124, version 772.256 Size150 kB (150124 bytes) Hashc64278386c2bbb5e293e11b94ca2f6d1 6b99aa650bd12a36caa14e0127435d8f4cd3ba73 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 116722
expires: Mon, 07 Apr 2025 03:08:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqtjD5FYYcy2Jn2PVrK725wlDv6IM7rutyQwOkHvEao0x%2BLugrrgiOWa3omI6xFZj1uIMdgU4yp1c2DVlna10ltj4JOPlfxdGPM3AmKbJfkgZhViUWiibMYW2VcMM0l7jdDO7S52"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875936b9d90256bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 172.67.144.225 | 200 OK | 21 kB |
URL User Request GET HTTP/2IP172.67.144.225:443
CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1494), with CRLF, LF line terminators Hash8bdf19b8ccaa244ca7c72529f3ac99c6 6c55b5c8902cb6dc3d9e33a21c226d73898822ec 7ca87b7a75719ec8f96b325aa5f873eb9b571b52e0526b3362c3c24c7784b056
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2fb428b73a80 HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 03:08:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a; path=/
token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
sscore: 0.22368421052632
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYyFCX%2F3r2EQB5JeNQM37VSpKQyhDJO5Kkxi7amEd0U3qwxSC9LM9D0a%2FG%2Br1D6qeSmQb13TMHcae0NEDDc0dlmvFYBrsg99aSfr2os8OojGDYlwMKczesutvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b28d6956c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| u.paste.fo/script.js | 172.67.144.225 | 200 OK | 2.4 kB |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2496), with no line terminators Hashc7b7184df64285d4548b9eaa32a19509 ef7da84b4e6bd419d7afb62e99ab6461bdc3c8fb bb0c244f2792bc3cb178f2e98d239be893d11443e142aafcb5c0c059b8483440
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /script.js HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 29 Mar 2024 16:49:26 GMT
etag: W/"977-18e8b1dc16f"
vary: Accept-Encoding
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XF7vs6AfAm4I0yrV%2FyQPQs6qqR4M2h8YNJ0ThMvjbPdgFt6B576xecaR2ENR9IV3Arq9jUSndJtRor7%2BVVJHRv0UHKsNkTITWk6SseX8oKlfSqyy50uhHIyEm26w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b5fa5db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/favicon.ico | 172.67.144.225 | 200 OK | 15 kB |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel Hashcf593ad6a070c546ba238d5172b52aa1 9bed079538917ab59999ea26e8becca1cec74af8 d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 478
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyueeN7e0N%2FASKnzWsmzTLWFd73M80sRChf2c3y0x3CV%2F%2FhZ8DbGPQwbsM2LZygnhg2GhvQTt4pdIhK73QEabFYU9yuEg%2BrmPT%2BCY1GQEJIf0PzP8z5E%2FngJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875936bbec70b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| u.paste.fo/api/send | 172.67.144.225 | 200 OK | 589 B |
IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (589), with no line terminators Hashc9c8d6502e1ffb3ca4d4766f13f7ec75 4943aedb12ea5511484890de9f9ef05cadd14d94 cd09fb2a2e7d392fb67f9d4b59f65da846e1b4e89bd08e220f7f226e29d41c9e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paste.fo/
Content-Type: application/json
Content-Length: 219
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:09:00 GMT
content-type: text/plain
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
etag: W/"qhg6ilkyyogd-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1kFhQVYP1CJ5m%2FuzlMJ%2BW%2B4T4r3XwCs9zTzLMjPJhO6v140yisR6EOTXCcqH4hOBF825go05OIXUccRjYGJ%2FkY6%2Fuv0U5dWiZAyjlV6mPR3LbA%2BefpfuLYruxVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936bf8df3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/clike/clike.js | 172.67.144.225 | 200 OK | 28 kB |
URL GET HTTP/3paste.fo/codemirror/mode/clike/clike.js IP172.67.144.225:443
Requested byhttps://paste.fo/2fb428b73a80 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1704) Hash2b5341f353f5cb58026ebb1b6f047842 1bdda948cdf3b6c9644d8d07cc74c8aaef330f64 c0e7c4989a015e232a497a9b28e5c0fbb2558066ac52a6339ad59d3d924a0d3e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/clike/clike.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/2fb428b73a80
Cookie: PHPSESSID=k1l2q5icdcsj9m7mriqd0p057a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 03:08:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=37231
etag: W/"916f-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4061
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73EKgexirh%2FhdXB1OgwUt2Beu4ODRndNfPCbR7Ct5Lk2QecW9cbyLTKlcg9jPrcbOyk7A8Mwq1pnaBqbo8Io%2FdEHnxQ0nB34Ty5ZWxDe8vREMsZFQ12jJk3aAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875936b59a2db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|