| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css IP104.17.25.14:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hashded1c367363e8b20bdc6a19b8350a737 8c06d82739d14b094ff6d9036021a252bd1d985d 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 142192
expires: Mon, 07 Apr 2025 09:12:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aq816iTNMvRGBvyYYYNzPhm6q3RL3oWrNG1x8AfTafisEUsLKqDNEzzPmMj7Khzl8UDJr%2F5BZjIs8krDGtF6QhtKCozFL85Hp0icKdVj1iI3qtycc50rQnnQjSZMZ6I75wAu8zuB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b4b661e7592d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.25.14:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 144627
expires: Mon, 07 Apr 2025 09:12:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9GKAnv3De%2F6Hz0UsPSBEGWnUedT%2BCV9eOiENJCr8oMyHqHUNBPFWMT9eskRFRLzVXpnvEbUpqp2%2B9pInjLBSlk1Qe4P6%2FXyJiHow6GhflXRV3e9NZaPcRFv%2B1xUjYKQirx53Dgt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b4b663eb892d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 | 142.250.74.168 | 200 OK | 93 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 IP142.250.74.168:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash7f605d02b9ac9313d3b3e3827aada8c0 c7cef85ba5da4535486fa3d071f87885125574a7 93310fa10eec9ffc43ee20d06dd890d29ab8774fd8e3bb919da6ed13a38bd872
GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 09:12:38 GMT
expires: Wed, 17 Apr 2024 09:12:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| paste.fo/CSSb8daa07cd928bc86.css | 104.21.28.76 | 200 OK | 591 B |
URL GET HTTP/3paste.fo/CSSb8daa07cd928bc86.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashe09957853ee7f0a3a621f54331c82664 8a0a90102e1d2dab47400bdc148ad1cf643394bb bec5deff3bfaa06a71ee3b73ff5a264b56f3dbfaa09d3d811ca2a6065812c914
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /CSSb8daa07cd928bc86.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 09:12:38 GMT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUL67%2FkHbwid0ZRU243YkljO99%2Fj52lULv4LETxob9Ft%2FFWdiXpK0fB8Qalm1H7yeUHf%2B%2B46OEY4v7Y3D%2Fg9xIp8ipoleLd9Brr2Q%2BGT2H1gwJAAyC7204j%2FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab0aabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/sql/sql.js | 104.21.28.76 | 200 OK | 18 kB |
URL GET HTTP/3paste.fo/codemirror/mode/sql/sql.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7061) Hashb48a3934b20b392ae812b17df05355f4 40d1a558afba1f5043b23131e496de37d8e2dfb4 ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/sql/sql.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"e892-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LnJn9ep7X07R0Hf5CR5H75fLQKPpEQ1XFrjrQ1%2FgoUs8N4wyUya%2FCPNtblyMBL9uwxiYvPg0yFC2Tr24%2FQQl9s285Mr8Wr53hvJAVvcSyfxltMO7%2FZrlhukF5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65aafcabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/python/python.js | 104.21.28.76 | 200 OK | 4.7 kB |
URL GET HTTP/3paste.fo/codemirror/mode/python/python.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash9b50648e6f546e4f63f1a8eb25adb039 b178c4d31cc4eeefe58e97a60723d47af96b79ed ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/python/python.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3a4e-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Se7FDhwTlbBqMwo727rP63aCnpSN%2F7LglBi6Iy5KfpI3jEVudVQG3Xa6U7Dinwh21m%2FZmvj%2BHpcUzGZxyIIDrlf6Ee3%2BYDVGlYqSD8Nkhia%2FD0RTkk0nBjaTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab00abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/css/css.js | 104.21.28.76 | 200 OK | 11 kB |
URL GET HTTP/3paste.fo/codemirror/mode/css/css.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash3675078ada8a185a353a6560bda2d5ac 1045cdc88a58fb002511eb21db184ed242730f05 60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/css/css.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"9e2c-614ce4aba67d0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5kpBSwftB7e1TwO7LnsZWK3IzeKa8yhIPYTJUtLE23Lfk5XSouAWQelMNBgONpCfaZa%2B6xQeGgJYyRmnv%2F0njFO9x%2BD3gK9r4cU%2FF2U4U8FmKp4ltpUzUZqKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65aaf7abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/htmlmixed/htmlmixed.js | 104.21.28.76 | 200 OK | 13 kB |
URL GET HTTP/3paste.fo/codemirror/mode/htmlmixed/htmlmixed.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash4c5a6f44d738b718d1f6164c1c8d6904 a4f9c3552740fb908e14fb0f47832d10a3f535d6 fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"1638-614ce4aba4890-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nduYQmFbWQqSaaEiRNULe%2FaA7Rbe%2BHM8XsjgaxuRRZ2Ea1eEjdRuaMad3G0iLuGqBxAi0Fv0MxfeJYMPL5UxBnQMOS9yByR9kawi6w705XuNJ58ANE7DtAIOAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab06abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/php/php.js | 104.21.28.76 | 200 OK | 13 kB |
URL GET HTTP/3paste.fo/codemirror/mode/php/php.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9306) Hashf2f1668dbc8a4b0fd9f031dceda0e4ab 31d6961d6d4cbe7bf5deb2f0b5ba099c49e5c962 07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/php/php.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"47a3-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKRZLA3kE2jOW4KxCuHG87hxDVj9WSyLkkiG20IzWzs0AT8v7MinHkjC%2FFDZMd7Y6oGe6W0W0uUlhF1mxqg5bIcge8bL%2BkCnoMIVAlAYx%2FNOysv752sxp4%2FMGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65aafeabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/email.php | 104.21.28.76 | 200 OK | 12 kB |
URL GET HTTP/3paste.fo/assets/svg/email.php IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (576) Hash228beb59530af110cfac760f33b0868d 4c6909e4a1939dfccf4e38d430a39855d35bab47 779ff7dada730e034b90d2a74d93fc1fc74f332819bce6d98d81f4d42762e37c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/email.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmaignzFxlh9MCAf%2FiiGBBJibImHwgaQAShxxzu8gMb7uhbtxr7azkqlAT5CfkIfGGN5ykNvRNJcxEZCj4s9dlzNckPCfUmgh79ajoP8hQgZZsEGyEfd%2BmFaug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65bb1eabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.80.73 | 200 OK | 16 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.80.73:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typegzip compressed data, from Unix Hash4235d6d4ca6161328d9ed394e26fa7c1 0739f07378b2b36440f34cb1c41ce9f0b1313bc9 336697ec1ed68a481e52f88f9df2ddcddaa902cbd0b7b970616fc3b651940c68
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b665d48abd8-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 | 104.17.25.14 | 200 OK | 25 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 IP104.17.25.14:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 24948, version 772.256 Hash61f30b79daf5b31f0d254a31fba66158 fb363d27cfdfe71a243fa2ac3dab2815232b9b7e 8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 137867
expires: Mon, 07 Apr 2025 09:12:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHLU382bYXU%2Ft%2F1BhlC8MGTELNS07%2BDYPStM5qgAX0kKYFx%2Bt7VkNR2wRun83ztPdV7xG5YZQ1wXhFT0jNzjNo5%2BqG7fkF5UjJab7CfOOoazxPMJ3b6fi%2FLXE1LnicvsVFt2jSc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b4b697d7a92d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 IP104.17.25.14:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150124, version 772.256 Size150 kB (150124 bytes) Hashc64278386c2bbb5e293e11b94ca2f6d1 6b99aa650bd12a36caa14e0127435d8f4cd3ba73 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1095457
expires: Mon, 07 Apr 2025 09:12:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guLT2rPsBJ6SHbdIwSiXEIr9ODx3ICtiTYiNhawu8XCAtiiEFolnNga3VSOZL4AM97JI%2BGJh7pyYSuDbrZjDhODeEjx62%2BPWBB%2BxmjeRql6472C7qliPNwLfj8XjkiSSaQYSjTWb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b4b696d6792d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | 142.251.209.131 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 IP142.251.209.131:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21528, version 1.0 Hash6113a25a586aeb6d0d3af5b5b652b973 25619eeae1fe17389310e4d392c427b7711dba44 539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 22:47:07 GMT
expires: Sun, 13 Apr 2025 22:47:07 GMT
cache-control: public, max-age=31536000
age: 296731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.28.76 | 302 Found | 0 B |
URL GET HTTP/3paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 09:12:38 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U99fRlLpk48yK0NKUCYkZJLhMdXzrx62%2BxAeCcGAkVMxMHooMToLMYU%2FuzZA9tyJWdSOkhx2qyJIlcCZfNbQAhhOg73aH%2Fj9wY7p3MubkpN6F7RPSw%2BB7NcoFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b6a3bcfabda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | 142.251.209.131 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 IP142.251.209.131:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21528, version 1.0 Hash6113a25a586aeb6d0d3af5b5b652b973 25619eeae1fe17389310e4d392c427b7711dba44 539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 22:47:07 GMT
expires: Sun, 13 Apr 2025 22:47:07 GMT
cache-control: public, max-age=31536000
age: 296731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| paste.fo/assets/css/cio.css | 104.21.28.76 | 200 OK | 22 kB |
URL GET HTTP/3paste.fo/assets/css/cio.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash495978f1df765f0993859afcf8490189 5ef8a4b916f6d464c755881fe251859a5a842c67 c03d3189c28dc88b8042d27b55e75cf0872d9c7e8ef4244608b6da9319ebef42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/cio.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"675-614ce4abcf80d-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxmuKVGv85lBBoKzQI4EU1efr3JGNxmp%2FgMzGVFiUukKIaTVy2fW6KMqeNa11uLFttNU34km7SwN67krNMswJ88hmEtyus5L0EMWm%2F4Vv4cCOy4Hp5Iv6VLWig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658abaabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/img/bg1.gif | 104.21.28.76 | 200 OK | 25 kB |
URL GET HTTP/3paste.fo/assets/img/bg1.gif IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashdcab8f9443952c7589be3e4db6072853 824ca8c921eeca604844d3f00d08691631199201 a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/img/bg1.gif HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjJ05vJgf9voKXwf5zbo8xlQdovRc952RXyaCK82BMWrN9YPV7mwPctTijBwNiUs%2FDqKCPnfUCZLxl7xIh6SZho2NzvvRtqVYw8dQWTBjqkLAkWz5BSXtEcbtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b6949cfabda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/rum? | 104.21.28.76 | 204 No Content | 0 B |
IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1046
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9; _ga_HKXR34F8P3=GS1.1.1713345158.1.0.1713345158.0.0.0; _ga=GA1.1.1298633968.1713345159; cf_clearance=_EobJRkG5T8UfBdPgHPddVwm4vwEV9jFPbGAkHC6B1I-1713345159-1.0.1.1-BfCZTn.PVB5ZQfTB_F306Gp0VjyqrocRHdIcsGHjHktdywxJ0_maCXpxepMLwBpIUKWpQSHlUpVC9v69ET7cdA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 17 Apr 2024 09:12:39 GMT
access-control-allow-origin: https://paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 875b4b6e1bc4abda-CPH
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| paste.fo/0323EDFEMC5C464049450A1D1C5E1B585A511A070EAM4C036166092B2A081B64044E16525F50.jpg | 104.21.28.76 | 200 OK | 8.1 MB |
URL GET HTTP/3paste.fo/0323EDFEMC5C464049450A1D1C5E1B585A511A070EAM4C036166092B2A081B64044E16525F50.jpg IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 800 x 200 Size8.1 MB (8065033 bytes) Hash5a48b1279d915d1b844ceeda0212ba80 a702fb7f99a765fd6ba5fe6798ab2dfcb67d0021 0256536e816bf82884335ae611639bf19843101e50e5f5dca5616a313a6e62c8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0323EDFEMC5C464049450A1D1C5E1B585A511A070EAM4C036166092B2A081B64044E16525F50.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: HIT
age: 717
last-modified: Wed, 17 Apr 2024 09:00:41 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS7HpTnmZEC8KthysmuSK0zpNKxXUyhoo3vy1c4bt8eWhbfK2nLv92HUBg4Aw2B7Ul6f7DUeZC2n8NimuyexqIb8VYaxhd8Y5YJa%2FIrptCWpjlLDbtL%2FXr0JCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b6949c2abda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js | 104.18.125.91 | 200 OK | 136 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0oz3n6s51lo&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (41625) Size136 kB (135622 bytes) Hash052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 09:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6b4c9392d0-CPH
content-encoding: br
|
|
| paste.fo/assets/js/hyperlink.js | 104.21.28.76 | 200 OK | 6.5 kB |
URL GET HTTP/3paste.fo/assets/js/hyperlink.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (630) Hash754527075e7f43e5b376a6879d591ad3 019edc8ec844b25f28c0049c56aa09c5cc0a5121 d5ff35dd76c5fa9ebfe3b89012a8dd40e85a89ee50f4f85623d338f0514e15d4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/hyperlink.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2060
etag: W/"80c-614ce4abce86d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3133
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vq3yfPIosBQIXEUz6Yv4dqXuBWNmAaOQLzheaifdpyD5pH6knm9WFFijpBSBTuNRtCPFsW4raaz%2Fnfba9uv2nQHgVQXdR3BskdhhIq0Nb8DLoI2Kor%2BFK5fVxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab08abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/8F516AC8MC0A401246170C1D16081D5C56031D54564A7AM2506816020D644A7B585D431C561B055D00.jpg | 104.21.28.76 | 200 OK | 2.7 MB |
URL GET HTTP/3paste.fo/8F516AC8MC0A401246170C1D16081D5C56031D54564A7AM2506816020D644A7B585D431C561B055D00.jpg IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 550 x 138 Size2.7 MB (2716204 bytes) Hash98e81cb80ce584cb4a7674eb9ab9fb52 e035e2e1791e2f06158ba44d067f1d7315745e71 c1205599e407622f5ed64ef56b0c52a478b9cb156dc770a1cf08e89ba868b691
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8F516AC8MC0A401246170C1D16081D5C56031D54564A7AM2506816020D644A7B585D431C561B055D00.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: HIT
age: 289
last-modified: Wed, 17 Apr 2024 09:07:49 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fdc9Q002I%2B7EN8eSLnLlPEaF11vC3Aonq55gCSQhBCiTNHLK9QJAvaSRm6FwQwEAG5VWmw9zaMQl77mKo9NE6Lfw1u9LlM4YLC%2Bk85vzYIdwz6E%2BrXthbRQeEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b6949c6abda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/c/282d0ff/hsw.js | 104.18.125.91 | 200 OK | 528 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/282d0ff/hsw.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0oz3n6s51lo&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size528 kB (527636 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 22 May 2024 09:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6e3a9192d0-CPH
content-encoding: br
|
|
| js.hcaptcha.com/1/api.js | 104.18.125.91 | 200 OK | 387 kB |
IP104.18.125.91:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387091 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 09:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 875b4b662cc5abd2-CPH
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 40 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap IP142.250.74.106:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashfb9a01c247c59daca77d5e373217b0b1 df072c2f05f7e6884df927cf8b4d2144937b8cbe f6ce0c3fb43d72007637cf61a13dc4c6a0cb1111d2f457dc1386008f83fe13c3
GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 09:12:38 GMT
date: Wed, 17 Apr 2024 09:12:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| u.paste.fo/api/send | 104.21.28.76 | 204 No Content | 0 B |
IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://paste.fo/
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Wed, 17 Apr 2024 09:12:39 GMT
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3RjM2u%2BjO5%2BvqYQTCNEaiM90ONnCrlJ0G6xpUvr1O%2BmGKfTMIyVde%2FF5sQ1tWHqtTyorX4tAifLTs3LS06GYOPz410xKSXjybsILOBO0qpmRQzPsVOLtCuBwTXe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b6e1bbeabda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/clike/clike.js | 104.21.28.76 | 200 OK | 37 kB |
URL GET HTTP/3paste.fo/codemirror/mode/clike/clike.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash145b41ea6cde47e8889ef8b2214eecde d0ae7cc4040a57a76b86265f492f87e251d1cc9d a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/clike/clike.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"916f-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MyToQkUKUYmZanW6JNpuRyxyB1dNP51f7%2BfMyBGgRNVD3EVYASxbEdLMWG%2FW%2FWsJNRYhjo6SPCs%2FetiQbTeIuiUuc09%2B1cX1uSNN88j5YXRq3jWS8cimbScDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab04abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/responsive.css | 104.21.28.76 | 200 OK | 7.5 kB |
URL GET HTTP/3paste.fo/assets/css/responsive.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (7970), with no line terminators Hash2aa89582cef12be226b501d2b5a3cc15 d9ce8a5fed661b25f182757e56e1b6240a2e5853 81f523d5dac2560f01b8b0a30d90bcb08bf90a501e558bcb49da7e4f19291b72
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/responsive.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"1d58-614ce4abcf80d-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmCAJIkwv82SfJHA%2Fdl9fcoeGp8A%2FmrrhVMPdkQ3f5sD70Nj3rKOdr8VYeUHvKbpEXenC59aOizoCu56RvRcTt2gGqxJmY37hYl8vvucVogxRbgGGjRrqfNXww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658ab6abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/lib/codemirror.js | 104.21.28.76 | 200 OK | 401 kB |
URL GET HTTP/3paste.fo/codemirror/lib/codemirror.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Size401 kB (401347 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"61fc3-614ce4aba67d0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwccfcNwgFP5ABUsMxfN6iztxmwE3Kda3EAXnIjsLYNW1xx6vmJ%2B5XfceCHzEvWl2Vte5Rvrx4Tm6Z3TJPJDmET2tVBXnE9asYRvLYefT25VL1STGsNSTXHdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659addabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/twitter.php | 104.21.28.76 | 200 OK | 1.1 kB |
URL GET HTTP/3paste.fo/assets/svg/twitter.php IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1064), with no line terminators Hash52ada42cb5438b7b0421018fd75f361e d5e00f0d91ac0e644fa97b585fa704764276830b 5814970c931c847c4acc7c25ce39b1f9abbed82f7642c2da34a93f895d875746
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/twitter.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycG%2FnYgWhFh7V3al3Oyw4cX8mm4MlxWn%2FHTPDKwoLdxpYpnac%2FWnINKNmdcqoZwVlF70FNbYVyY%2B0E0vkE9wPE7AaEmyUECSxHOScNczlKbnbs65Zo2IGtTJzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65bb1cabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.28.76 | 200 OK | 20 kB |
URL User Request GET HTTP/2IP104.21.28.76:443
CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dd234e212112 HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:12:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9; path=/
token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
sscore: 0.53672316384181
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkQVNg3XFumk%2B%2BCgjOS5mYU6p4q7JLQtooNCdOpNjRSQ8%2F9YsSi45xMhxhFNFs6%2BYFmlk%2BUk4QlTQxpZYlZPa02zG%2FPuB0sYugIYf4OcVO787uPwYBR2xuZ2MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b6339c28f59-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| paste.fo/codemirror/lib/codemirror.css | 104.21.28.76 | 200 OK | 8.7 kB |
URL GET HTTP/3paste.fo/codemirror/lib/codemirror.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (9064), with no line terminators Hash8b045e55b2a449a117883ea28388a77b 115408c4f4cf7f856b9d6fb938d8d5b13b579fb1 be7c7e645a5db24c773efe72d8f45aa0ec7bd6a3725562bebe2c74612351a6d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"2210-614ce4aba67d0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmlBnkj%2BEhJ0mTpjm6%2BY%2F7xf%2BGECQY0pE4f7ErFZ1%2BzcT0AMLO7%2F9sn8jQMxFOekev7dXuKOnLI4LI%2FfnFXtccwkHViXeh%2BvpRdynR3AFj2vPo15eUP%2Bsac7Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659ad3abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js | 104.21.28.76 | 200 OK | 43 kB |
URL GET HTTP/3paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42951), with no line terminators Hashf15be88a3c9bf40debcc080b125c7e91 4a636976285768dd43278f43d63ba5779f3f493d 8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anM2b7pAlHtr9hyY1%2FJRBNSRbrYxpj31Fq5Z3V5GUfbY%2Fm9QclDumzDV0c1knREHj2qDguqDkt0RwVDGhorXUTd3PCftzVAF5nsRQsOJchary12GFSXpmt4ijA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658ac5abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1768), with no line terminators Hash825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 09:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6a2aaa92d0-CPH
content-encoding: br
|
|
| paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/875b4b6339c28f59 | 104.21.28.76 | 200 OK | 0 B |
URL POST HTTP/3paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/875b4b6339c28f59 IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/875b4b6339c28f59 HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12140
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9; _ga_HKXR34F8P3=GS1.1.1713345158.1.0.1713345158.0.0.0; _ga=GA1.1.1298633968.1713345159
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: text/plain; charset=UTF-8
priority: u=3,i=?0
set-cookie: cf_clearance=_EobJRkG5T8UfBdPgHPddVwm4vwEV9jFPbGAkHC6B1I-1713345159-1.0.1.1-BfCZTn.PVB5ZQfTB_F306Gp0VjyqrocRHdIcsGHjHktdywxJ0_maCXpxepMLwBpIUKWpQSHlUpVC9v69ET7cdA; path=/; expires=Thu, 17-Apr-25 09:12:39 GMT; domain=.paste.fo; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRykzfGiwrTrpArZQdTbS4X92j4iuZ8u2uUuOKV6VKhlMmRwyN88bJWbA7TQAyiL9fKYPO67D46JVLEBLVTr6HD5hAYwa0uZf0RZ7HhM%2FpeopyICGq3xbUdv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b6c0fb8abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/node_modules/@sweetalert2/theme-dark/dark.css | 104.21.28.76 | 200 OK | 30 kB |
URL GET HTTP/3paste.fo/node_modules/@sweetalert2/theme-dark/dark.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash00008b67e39ee270e57f03f4fcad4dac 04f3bb1e6464faf302f91ee5e42a94447ad916b9 c6842d1ae92847b8e8cf3283cab162e737127a8fda2e35e628c8994654266d8f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/@sweetalert2/theme-dark/dark.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"7542-614ce4ab9ead1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2F8Pfni%2FbyK8w%2BqabqU9DoyOXy4KfneLzD6%2B%2BWCrPBX%2F22BAZ7X6oF22DIH1o83Dgx%2Bas2qgMyIDPvVPVs0%2BoFA45Qw8AL1VKhU1QZc8RfXjuthcDWzsO3%2BAzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658abeabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/javascript/javascript.js | 104.21.28.76 | 200 OK | 39 kB |
URL GET HTTP/3paste.fo/codemirror/mode/javascript/javascript.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash178dfcd5f64c97da22a3d3a62713b7a9 969b4a80be53b334612b44a0cc6ef57cfe171a26 21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/javascript/javascript.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"97ec-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7fY8Ur72wMhhNDuJgpPZ8e24sKbZLL1yqMF9PYmOMbzHsr4tZlb5X7K2sdPUNCmNSZeh8PwyJE5kyqcMR3HvhRNlf3XQwAfk%2BMSQ2ADgA2z%2FOqLrz7Q%2BNqCuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659ae2abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/discord.php | 104.21.28.76 | 200 OK | 1.6 kB |
URL GET HTTP/3paste.fo/assets/svg/discord.php IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1567), with no line terminators Hashf25e187801ad4549ff6d1f7923827d9e 682ad175492f0c7ca063eb8b29df8e5fb92ab3ce c4c482f2711284ca3fb68e15af960645b841af8880e7e86ea031ca86470c5e22
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/discord.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zeBwaG%2FCIDgPr1ciFrKZWFyNx3EyIS1XAEiBGn6wmS4jAmuFav%2BEvQdrm6F3P8z%2FJeiacZtKYIm2Jeyc0PkosgL6r8GHHcdpuXnQNA3zqF495BNCz8aJumKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65bb16abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/favicon.ico | 104.21.28.76 | 200 OK | 15 kB |
IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel Hashcf593ad6a070c546ba238d5172b52aa1 9bed079538917ab59999ea26e8becca1cec74af8 d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9; _ga_HKXR34F8P3=GS1.1.1713345158.1.0.1713345158.0.0.0; _ga=GA1.1.1298633968.1713345159
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2U1joUESzTV%2BKtNxS8bSiSWjGhPkbMTnZgt9tSG%2BS740UojDoKfgVklwrTKIZBNAjj6N033RPFQyrhJGHUEX5%2FEV6kOJj%2BbFGcobCSo4spnGlOjPIyx%2FRz8Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b6c8890abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 | 104.18.125.91 | 200 OK | 718 B |
URL POST HTTP/3api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0oz3n6s51lo&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (734), with no line terminators Hashb8df129ebc768f1c7621e9f63757643c a38e72345cfa523322168bf4f87d857cb91c9cb4 15c5dbe04b8f56b4d9f9e0ba6b4ee941aa45d7ab39a0f01529e7b0ba5beeb241
POST /checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6da9b092d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/css/style.css | 104.21.28.76 | 200 OK | 16 kB |
URL GET HTTP/3paste.fo/assets/css/style.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (608) Hash5bda15770898ea87eac893ece623fe83 a1c6f0ef8c7fb26f5684c65c34991ce0ed9bcc9e ac1f84e3b1d61d9a2599e9db20014bce4788930bf643ce8442ac322304e31b9b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/style.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3d56-614ce4abcf80d-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2UbABlZN5crckHs5k9fvyYOBFZUagJVeRCOUcMTarUOMPNufFovkXB%2BPNQUDzMbxWTh31PeEfkav48QaZNdJFqFRNc8DuCRTu8fBiGnVg4wE1HOmJIduZYUaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658aa5abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/c/282d0ff/hsw.js | 104.18.125.91 | 200 OK | 528 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/282d0ff/hsw.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=1ijned3an5o&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size528 kB (527636 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 22 May 2024 09:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6e3a8e92d0-CPH
content-encoding: br
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1768), with no line terminators Hash825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 01 May 2024 09:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6a1aa292d0-CPH
content-encoding: br
|
|
| paste.fo/assets/css/user.css | 104.21.28.76 | 200 OK | 7.1 kB |
URL GET HTTP/3paste.fo/assets/css/user.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (7437), with no line terminators Hash06d7b8a344fa4079f6fe906b7b0929dd eba03dc4aba82c9249634258a6c9ecb7acdf477a 6d2ed86e12b41b92ecb3c7b16a637071304616c94ae39cc2d41efbf52617d9fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/user.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"1b8d-614ce4abcf80d-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxRhRGJki87OYzFl1GT3WR7bGx2%2FQeE%2BXp%2ByGpQjvYTEAqEawRvwTgzZgPb2V2V1XLUIIstdDCW8xnfGHeCgXK74qmBZar4aotNafCNJiz6uFBsqoGWc49MAgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b658ab0abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js | 104.21.28.76 | 200 OK | 7.9 kB |
URL GET HTTP/3paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7886), with no line terminators Hash9aa9a1694edd8a3e02edda6cb15d70ad 5bcc9d411433d0582accb18b17a5124aca9ba1a3 9ce4c9760ddb0c3bd51384a6288ecd6ba190ee87fc85dc10e3f34702b98f5b7b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9; _ga_HKXR34F8P3=GS1.1.1713345158.1.0.1713345158.0.0.0; _ga=GA1.1.1298633968.1713345159
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOaCEAIhIMCeh%2FzdRw4JkcJB5ns7zhI61ujAI8qUet5%2FVICxdjaQnEdZE6le3qqimcSRc%2FcIrCAaKXhB5nTwweh0hkRSAoOk6gP7ode1qCfvyaMiNdbeKDBx%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b6add03abda-CPH
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/xml/xml.js | 104.21.28.76 | 200 OK | 13 kB |
URL GET HTTP/3paste.fo/codemirror/mode/xml/xml.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashc93fe254ef100aeb5c9dfcda4c91d27f 510c71566cf81560cb5bd1bb25287ed6502dde75 dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/xml/xml.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3429-614ce4aba5830-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BB0Mp6olcjZ%2BqeDx5quOLuHH%2FJVngCH1qu5lRjhfpjSwe9Sm9J2m1zhrXPg%2BfUNALA%2BySpzh6JANQ246EMMiWNaHigVySwekfhd%2F%2FE7WrfsRGYBM1B%2BbxWRGDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659ae1abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/thumbs-down-regular.svg | 104.21.28.76 | 200 OK | 1.5 kB |
URL GET HTTP/3paste.fo/assets/svg/thumbs-down-regular.svg IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash389c8e85f6e31500977c27d913ef8802 1aadcd3b53c6e86b001ff153294a33260913fc82 e9be5fe625221dc40c32eb0f1faf336dd592141b6496b8f3be76a772e13dd591
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-down-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5f1-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3133
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLNxePYh9F6VAsn8%2F9pfQKNyCsxyCAgKPtkrXpzyJH4Fcm5J9p%2Foewf%2FSZTQl9NMALCR6vi5bEQsQbU23%2BkEPCiaZD0Y3%2FHS1uexoqypZ%2FGkPEKawQriW98pxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b65bb12abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/assets/svg/thumbs-up-regular.svg | 104.21.28.76 | 200 OK | 1.5 kB |
URL GET HTTP/3paste.fo/assets/svg/thumbs-up-regular.svg IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash8316f24250b74fb4d08b7d0d8d7d1a66 e241a00103a7a81d5678741010703fddd7de83dd 7a4a04f8e984441f7a9fd9d4a796726e1d9b2124095688d9ecd0b891ab2f84e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-up-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5d9-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3133
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spdnVgd%2BZxgZ1fNE40lzisslixu3lBrs6YDBeBcnWtUeGBwJEUGpsKKuBZQgwIhdJ4AE43EWCU0rqL3P5ndWapkl8Jlx5m8JD9H0f6qcl9F66xy190v5KeZG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b65ab0cabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/theme/material-palenight.css | 104.21.28.76 | 200 OK | 3.0 kB |
URL GET HTTP/3paste.fo/codemirror/theme/material-palenight.css IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (3111), with no line terminators Hash1aa44862c3f13344efde99ae23ffa2dd 379767bab90d36575f7306b893be0d9d5f1708da 8c90c317211cba8f920341757d2b31c03f80b965abc07b300d2ad8e47c99ae58
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/theme/material-palenight.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"b99-614ce4aba19b0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfAKathlZztq72eZZRkcPsEfCW9760ENHne3G7JIAjxc6KmbNMpVz%2FcfOpzMSJ00lL3Iv0PPl%2BtWyKcjynwuA7fVk62KkaLzJnvXrFpRtdOwlgGdfmiYmTQfPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659adbabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.28.76 | 200 OK | 1.2 kB |
URL GET HTTP/3paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obeRHZjbtZNAzEDcNOejmI%2BpKMjRRJkmwDIg1l1Oi6ldxuACLmet4kvsxtnJNYCgMWA3tDFZF9sXDm4nGG01xcJnNlptmRD2tzOKMlOmlWlo2%2F%2FndQ%2BvYkgYyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b4b65bb2eabda-CPH
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 19 Apr 2024 09:12:38 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| u.paste.fo/api/send | 104.21.28.76 | 200 OK | 589 B |
IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (589), with no line terminators Hash409a5b19e6a7920c709edc802844ebc4 e55dace87398b0d515bbcd10e58af24dbbb788a9 e2bfe2f1f403a73ba3e9280de3f5bc7f70c887426bef0dbc11028731fc33d030
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paste.fo/
Content-Type: application/json
Content-Length: 284
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: text/plain
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
etag: W/"qyfxhz886bgd-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YKJi5MBsw0xZupwrp2SdYcIBs9RlrxQ7Nq6mnpz1Mq36OVAo11X4%2B8CXXrB0YL1eO6FMi1DZqboV6ZfD7XTZO27hWjFEX8QybGWcDmfj5Zj4N7wiyMGEmOQvmSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b704fbbabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/codemirror/mode/shell/shell.js | 104.21.28.76 | 200 OK | 5.4 kB |
URL GET HTTP/3paste.fo/codemirror/mode/shell/shell.js IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5808), with no line terminators Hash208231715496dbfc0ec69b40f2edfeec ca8d73adea5dca0b2dd9ae8d323cfa8f5a00ac91 47a0a9215d6bac9bfe69c40e42023a75ba11e02c338c3de8ca73bd230d14a06d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/dd234e212112
Cookie: PHPSESSID=e98g8oja39omb8fehmr892cip9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"1507-614ce4aba2950-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFrbTdzbaRWhZbuC%2BeJq07%2BckyjBPfzU7KVUfl83GL2GwImBnvU4xT4gWVY8RW70HAVUSitSAvuHNtqIb6I8FJnGqPJ0aE7SVPlX0jCbKcsTy7KjiJjDa5hlYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b65ab03abda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| u.paste.fo/script.js | 104.21.28.76 | 200 OK | 2.4 kB |
IP104.21.28.76:443
Requested byhttps://paste.fo/dd234e212112 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2496), with no line terminators Hashc7b7184df64285d4548b9eaa32a19509 ef7da84b4e6bd419d7afb62e99ab6461bdc3c8fb bb0c244f2792bc3cb178f2e98d239be893d11443e142aafcb5c0c059b8483440
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /script.js HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:38 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 29 Mar 2024 16:49:26 GMT
etag: W/"977-18e8b1dc16f"
vary: Accept-Encoding
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNbftqxSzu2vYkUK3Bo85E0tptwwJlFhDg2%2BCelWCVId7i4RERASrPER%2BpgpzxauDqW3aNeHlIgpqrmSmhxJRA6s33vFbOuSeFk60vjmG0CApoKmFBPEl9NdkmYp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b4b659aceabda-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 | 104.18.125.91 | 200 OK | 718 B |
URL POST HTTP/3api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=1ijned3an5o&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (734), with no line terminators Hasha7f1d76a1e784786f80e1f25425916a8 4a2124bcbfb07ed129fc958a4a4891e076687871 abb56c74a216710b154772e88846090cc1e882931df275520ce49c37d56457b1
POST /checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:12:39 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCmxiAY2P53gH; SameSite=None; Secure; path=/; expires=Wed, 17-Apr-24 09:42:39 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875b4b6da9a892d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|