0 B URL leakzone.net/cache/themes/theme23/errors.min.css
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cache/themes/theme23/errors.min.css HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
content-length: 0
last-modified: Thu, 24 Feb 2022 16:33:37 GMT
vary: Accept-Encoding
etag: "6217b361-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
448 kB IP
File type GIF image data, version 89a, 468 x 60
Size 448 kB (447785 bytes)
Hash 2879b76f5fafa17b4a3f0efef7ac23ed
600ccf9da601d302194688f233b38783b7f06c64
7c6368254c43729ef79071fef540d29d11d42fd860813bf51df53e12c7b1a0f4
GET /5jyKBff.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Thu, 04 Aug 2022 15:28:24 GMT
etag: "2879b76f5fafa17b4a3f0efef7ac23ed"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 9m2oEubzwDnOilxRvRhKF4DUAZXeYkNVo8Fy2RNMIJ2Ky7gezZecoA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 3433430
date: Mon, 15 Apr 2024 23:45:28 GMT
x-served-by: cache-iad-kjyo7100053-IAD, cache-hel1410024-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 2632, 0
x-timer: S1713224728.322216,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 447785
X-Firefox-Spdy: h2
590 kB IP
File type GIF image data, version 89a, 300 x 60
Size 590 kB (590376 bytes)
Hash d95ec782e51ae322beb0817d66a75ef8
7b53f68436b92cc1971cb55eb4b048dfdf281f05
71fdd0f41be678aff2013a074107043fe6d1d0054ea932eff64b3141104f04c8
GET /B27wxBI.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 03 Jul 2021 23:42:25 GMT
etag: "d95ec782e51ae322beb0817d66a75ef8"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: MIA3-P4
x-amz-cf-id: iv0aEWBni5U1sdbM4TuAV0cTNfOSv37CPYljcokmWENMuPGNDcRGBQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 916753
date: Mon, 15 Apr 2024 23:45:28 GMT
x-served-by: cache-iad-kjyo7100042-IAD, cache-hel1410024-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 722, 0
x-timer: S1713224728.321584,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 590376
X-Firefox-Spdy: h2
98 kB URL www.googletagmanager.com/gtag/js?id=G-DZPVD72CSF
IP
File type JavaScript source, ASCII text, with very long lines (5955)
Hash c270e10c871e8bfcd5472d97e486facf
915d04eaff1ca0f01326b4d7a10df3a77238af17
7b6f09062c43d3192922c1a78455fd76ae437a649622359caf7b91990cd22c6d
GET /gtag/js?id=G-DZPVD72CSF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 15 Apr 2024 23:45:28 GMT
expires: Mon, 15 Apr 2024 23:45:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
98 kB URL www.googletagmanager.com/gtag/js?id=G-DZPVD72CSF
IP
File type JavaScript source, ASCII text, with very long lines (5955)
Hash 03e1bbaa7069109b67422e0635150984
689f447a5f576d32629bda634bfff51c58dd899c
086f8c223b25bbc4f2aef8f3716b4761f2eff27e12ed146df71a46fd9b1d640a
GET /gtag/js?id=G-DZPVD72CSF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 15 Apr 2024 23:45:28 GMT
expires: Mon, 15 Apr 2024 23:45:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.5 kB URL leakzone.net/cache/themes/theme23/hovercards.min.css
IP
File type ASCII text, with very long lines (6832), with no line terminators
Hash e96cc1d50bc9007d7c5484dba8bbd1ad
0df1e64c718835ef8aa459e46cf114192075be1e
ced99b19b76c244793f85f2dbea867a839d54535fe5bd03d5f37743240039146
GET /cache/themes/theme23/hovercards.min.css HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
last-modified: Mon, 14 Feb 2022 09:03:32 GMT
vary: Accept-Encoding
etag: W/"620a1ae4-1ab0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
71 kB URL leakzone.net/jscripts/ougc_feedback.js?ver=1824
IP
File type JavaScript source, Unicode text, UTF-8 text
Hash 5bb1b300349c7150493d000fe09d1645
60a0e280bc2469485ab38f88976b103e996d880c
10b83a0afb897311dde35ca2318013bd460abeca74c1175666bf3bfa9bc168dc
GET /jscripts/ougc_feedback.js?ver=1824 HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Thu, 28 Jul 2022 06:46:18 GMT
vary: Accept-Encoding
etag: W/"62e230ba-151e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
155 kB URL leakzone.net/images/lz-pirate.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size 155 kB (154685 bytes)
Hash 83610072cd02272498b5e0f11635ec4e
8b8997cff878d6fa0d7ea0c8dd155520f4ed34ff
d1e99581aa5ba8adfb984848979cd086aa7e48ed4c25afda82d2dd5094a48dd1
GET /images/lz-pirate.png HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: image/png
last-modified: Mon, 14 Feb 2022 04:50:19 GMT
vary: Accept-Encoding
etag: W/"6209df8b-125e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
4.8 kB URL leakzone.net/jscripts/general.js?ver=1821
IP
File type JavaScript source, ASCII text, with very long lines (322)
Hash 4d808829b04bd67324af02d7703ebe2f
319dd14ccaf1cc91dc0d4684e833e903e69a9c12
04cb819add34c46403415ad93c5305a5ce3e079242bd380419fe3e9ad9fb7b74
GET /jscripts/general.js?ver=1821 HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Sat, 21 Mar 2020 12:13:23 GMT
vary: Accept-Encoding
etag: W/"5e7604e3-3f98"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
80 kB URL leakzone.net/jscripts/ougc_awards.js
IP
Hash 9de070b19f070afbc2cb3bf57400e60f
0f0edb79056f0a8ce633f5fc0a2b0a4081bfbfe1
81043b081ad946e060ebc1ab353c1e0ec51ade4f30bc13e10d6f049ac54fc08c
GET /jscripts/ougc_awards.js HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Sat, 21 Mar 2020 12:13:28 GMT
vary: Accept-Encoding
etag: W/"5e7604e8-82d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
17 kB URL leakzone.net/cache/themes/theme23/activity_system.min.css
IP
File type ASCII text, with very long lines (603), with no line terminators
Hash cb8ec646837ff9904875020e870953c6
8503489e1149796bfd1d2079dddc0fb83ff94c96
d0522eb78b3c172b1dbef152967f63f0856243660803ba1220b7b09fce9339f2
GET /cache/themes/theme23/activity_system.min.css HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
last-modified: Sat, 01 Jan 2022 13:04:44 GMT
vary: Accept-Encoding
etag: W/"61d0516c-25b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
23 kB URL ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b52916f59f
IP
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=b52916f59f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakzone.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1696a1e7f7602d80638fb508ba2b83d2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: EeWRrDXXF2OmwILpmj8-sprMWe4_bOcxQm0xh2ZKgMeh-SvPQIAlRA==
age: 2076674
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNCnI%2Byvh%2BIkfk4EllERnor8DSWBbb0%2FdXXac9lZzPL2B3egWau%2Bn4VPn%2BTyaGnkrgnPRRgQU2VHnlEYsoYY9bug0yPSPPQQ2HDn7XMOdKPsuK6caLslMb0BuYC4t3oFjeZ8kt1g4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf3c0912635e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
7.9 kB URL leakzone.net/images/spinner.gif
IP
File type GIF image data, version 89a, 16 x 16
Hash 86b1ac6d1c485d54efa3a53643e91ceb
639a7a782fe1f9f14325deefb5abcbe29eff5570
e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b
GET /images/spinner.gif HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: image/gif
last-modified: Sat, 21 Mar 2020 12:07:37 GMT
vary: Accept-Encoding
etag: W/"5e760389-606"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
35 MB IP
File type GIF image data, version 89a, 700 x 200
Size 35 MB (34617556 bytes)
Hash 46d87d67df4ba81d99fd7c2415314df0
bed9933d42371d3ea912af3b989c208b9b979345
f365ead7d29a39a8b74186231685bb8ff5c723242c7830dd958b035984ffe979
GET /JFU4dEk.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Fri, 01 Mar 2024 03:21:47 GMT
etag: "46d87d67df4ba81d99fd7c2415314df0"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: mPD6xjnDi3Aekse8geNUEKQ4PEAhmCzUUj0WbDUdWDVpGNO549t4gg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 834166
date: Mon, 15 Apr 2024 23:45:28 GMT
x-served-by: cache-iad-kiad7000124-IAD, cache-hel1410024-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 4885, 0
x-timer: S1713224728.321487,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 34617556
X-Firefox-Spdy: h2
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAC&_s=2&sid=1713224728&sct=1&seg=1&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=page_view&_ee=1&tfd=1146
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAC&_s=2&sid=1713224728&sct=1&seg=1&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=page_view&_ee=1&tfd=1146 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 15 Apr 2024 23:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713224728&sct=1&seg=0&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1125
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713224728&sct=1&seg=0&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1125 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 15 Apr 2024 23:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
42 B URL www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DZPVD72CSF&cid=2010464665.1713224729>m=45je44a0h1v870570825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1786019834
IP
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DZPVD72CSF&cid=2010464665.1713224729>m=45je44a0h1v870570825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1786019834 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 15 Apr 2024 23:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
917 B IP
File type PNG image data, 16 x 17, 8-bit/color RGBA, non-interlaced
Hash 13152cee293c66df1d24413b91c67b48
466f22edcf7fb0f490593b3924818ea3f6b9d968
f1a11aed6f425787092acbb57cf575d0c02b5d01ddebb568c1d89aae12153f9f
GET /favicon.ico HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224728; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498; _ga_DZPVD72CSF=GS1.1.1713224728.1.1.1713224728.60.0.0; _ga=GA1.1.2010464665.1713224729
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:31 GMT
content-type: image/x-icon
content-length: 917
last-modified: Sat, 21 Mar 2020 12:04:27 GMT
vary: Accept-Encoding
etag: "5e7602cb-395"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1713224728&sct=1&seg=1&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=scroll&epn.percent_scrolled=90&tfd=6147
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DZPVD72CSF>m=45je44a0h1v870570825za200&_p=1713224728201&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010464665.1713224729&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1713224728&sct=1&seg=1&dl=https%3A%2F%2Fleakzone.net%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fpaste.fo%2F95e27729858b&dt=Link%20Anonymizer&en=scroll&epn.percent_scrolled=90&tfd=6147 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: null
date: Mon, 15 Apr 2024 23:45:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
11 kB URL leakzone.net/jscripts/extendeduseradmininfo.js
IP
Hash 1c28a7ba1e0f38f12b6b67da804e5fd5
adbad42698b9306f0c7d10b7b093de79ae5cf9c6
e994e76f8a1e5ac43b0d6e4d42193c6031c1ab43e89533e50ce89c5ac71f136c
GET /jscripts/extendeduseradmininfo.js HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Wed, 27 May 2020 11:55:27 GMT
vary: Accept-Encoding
etag: W/"5ece552f-868"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
200 OK 19 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (52276)
Hash ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 21235
expires: Sat, 05 Apr 2025 23:45:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRqjkpDaSyZH4Ofy26MIhOkcejp%2B8P%2BEoqgs75liWq25N36AZKKEnG%2BEks2oLApKJms9y6rUS2N0s93u9p2foEkKq5YWu3m%2FQYwfr7XOvZyC21TfnpkitKwHKOexxA%2BocYiFVaTF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 874fcf84acec5689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2750247
expires: Sat, 05 Apr 2025 23:45:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgMjhV%2BMJXEjGzvRwpqiMF5FJX%2FcXZSSvOufnECV5k5B2I2vd%2BxKcYBxQBrt9Az1eMiym13Xwkf8pm4V6UPDyVIQDkafKHJ39lla%2BtKInAJsuacrSGi5%2BROQTHnhJ1iC9PhVvVgi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 874fcf84cd095689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
1.5 kB URL leakzone.net/cache/themes/theme23/Checkbox.min.css
IP
File type ASCII text, with very long lines (4180), with no line terminators
Hash 8611d5ed3d7186ab71159e03e2596a50
c04e0ccb8387cb5ca1bf12d6e88368d10cf1bd64
6ec2a00d685d82f7a920c77a676925fc8b22b4676557e925966abb8b23b1e83d
GET /cache/themes/theme23/Checkbox.min.css HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2022 02:08:55 GMT
vary: Accept-Encoding
etag: W/"630ec2b7-1054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
94 kB URL leakzone.net/jscripts/myadvertisements.js
IP
Hash d8badbc7ac318b853211a70002abf052
1ae5d0516d99df40c8c1ea5417760aa1139509fc
6aaf36ddcbcbbdfd2225542ca69adaf562c78571286e2776e847216f8f332038
GET /jscripts/myadvertisements.js HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Sat, 11 Dec 2021 14:50:11 GMT
vary: Accept-Encoding
etag: W/"61b4baa3-5b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
GET paste.fo/assets/css/user.css
200 OK 1.2 kB URL GET HTTP/3 paste.fo/assets/css/user.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (5214), with no line terminators
Hash 45159948a0d994fd556fdf10f6b38726
e8979376755cef038f4758ea0d233b04c9f787f5
9924b095678c7bb39f02707339cc66e43e2e3c5b303ae40a794fdd701ae8745d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/css/user.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7053
etag: W/"1b8d-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zk2%2FGoD5K5zZb168QcmkH5P9MQkEiIkjpSWU1y61ufMVEbZUYs3v9o7P%2BFOiR%2FbSa%2FEmfIe%2FH9FRxf0XFYC8qP9vfXtgFeUmslba04AJ61LTVj8onLsp7%2F4Ggw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf845c2156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/css/responsive.css
200 OK 26 kB URL GET HTTP/3 paste.fo/assets/css/responsive.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (4570), with no line terminators
Hash 85e024d58588895496ff6e65f47a0484
ff6cb78df5ee61dffa425ace5283407ee562e4af
fd51897bd68e6bdf326bfb11b3580be32da026ab50c5e494677b202f93822877
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/css/responsive.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7512
etag: W/"1d58-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbCMqJCVrZq3hoLdPSPYUfef5XvWGP9sHI5%2FdUSwsZMardFrBj9jI3RncY7jTXA2hwnSvnE8e2UR%2F%2FCFXQFKFl3brvo2Yuw%2F0R%2FJzZeYD%2FN9%2FYd4LDoMEz1GmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf846c2356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
177 kB URL use.fontawesome.com/releases/v5.13.0/css/all.css
IP
File type ASCII text, with very long lines (58392)
Size 177 kB (176861 bytes)
Hash 76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
GET /releases/v5.13.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakzone.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"76cb46c10b6c0293433b371bae2414b2"
last-modified: Fri, 22 Sep 2023 01:45:07 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2073074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Kg9VlV74RO%2FXidtlB29xtJr22CzIQSiCoF9J%2BFfK%2BxNHqh8gI2C2JYZ5Inw6EAu6ZbFfqypw%2FKxDt6L2%2FSxlHpRlUc3e9TDwHhI5hGAvR0hgpBlTggpnOBEWWvBQ5vGqWDLEEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf392f9888a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET paste.fo/codemirror/mode/javascript/javascript.js
200 OK 8.2 kB URL GET HTTP/3 paste.fo/codemirror/mode/javascript/javascript.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1412)
Hash b5bf8a874f93ad7109c420727888ad47
8d08219bc1257d5537a649cac713ef426158b9a8
4a0ab339997f3729a8eb6a08fca6574408918d1684eaee21760a438bbea82189
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/javascript/javascript.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38892
etag: W/"97ec-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvdyVykkvHqoAFn8IosQvfZDP3uzpLLeMuIjiHsNoZRAqOzfzaK31tMmDCmDsrmHjExshzDgINKT8obhh5FD49vFI06C6gTgOz7xny36sSDhtdB%2B5%2B%2F5oHw%2B7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c5356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/svg/thumbs-up-regular.svg
200 OK 1.3 kB URL GET HTTP/3 paste.fo/assets/svg/thumbs-up-regular.svg
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 16edbe83aaa9c8b1f0dae88e622e97cb
49c1e9c26f6db1c4c768e72dfbbf231a0e6fd237
3c1e8bd2dd9e8b3935c601e8bb4fc3f90ee85359acabded24b7f943b9fd1c65b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/svg/thumbs-up-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5d9-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcCbDvr6cvI0aVOFck9O0B8qoAaM2XxBv%2BnOhqviP5zdIxfzfbWnIZaM1Wp2Z6%2F61bOYlgCXbfwbV49K07gVa0p7riCdzpJ5PMPS%2FEb1D8vK%2B4CLDyexkI2oPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf848c7956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/node_modules/@sweetalert2/theme-dark/dark.css
200 OK 26 kB URL GET HTTP/3 paste.fo/node_modules/@sweetalert2/theme-dark/dark.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (24342), with no line terminators
Hash 80b002261f8a746e3756d6883342252a
c8282deb8dfdcdf89ca54c6d6e34b23bc2beeb22
6b7dfdcc77e85a9db663a990f749d892c774f63254404cf2a72b312a8136bfd1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /node_modules/@sweetalert2/theme-dark/dark.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=30018
etag: W/"7542-614ce4ab9ead1-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOlFcJUjuXWxxLtlhOLMIUMpw3LcmjmHsARVbfvNKgiXqZfopJwoA%2BVm2nLmnmtBI7Xv7eaduNHQsJhPD0fUyYnvtp033a%2BtCbyNxkGUlrmmSJrY7Gw6KlmN6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf846c2656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/css/cio.css
200 OK 22 kB URL GET HTTP/3 paste.fo/assets/css/cio.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1152), with no line terminators
Hash 6a91b9352b213689c0432bb87eddb2ae
4a9beb1f3a827dee5a03a246a296fac2f3677165
5721962451086a4c469a6d1b1e4cc133f03c3ea0377916a91b45373463855620
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/css/cio.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1653
etag: W/"675-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC%2FSIvVCdkgiVpvZ8oKTVCCtqU2QUo94yrFeWg7ibbri2x1So4GgC%2Bld15kSUPJETn7vw5OcewHrFH0Z8fEGONnrmqtGsGhsut8B2d1LPt2VssZTPNDLgzpyiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf846c2456c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/img/bg1.gif
200 OK 25 kB URL GET HTTP/3 paste.fo/assets/img/bg1.gif
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash dcab8f9443952c7589be3e4db6072853
824ca8c921eeca604844d3f00d08691631199201
a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/img/bg1.gif HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Yt50c4dZ6j7caiIj%2BQzRReeyiNXtA%2BnZ%2Fa%2FAF9WdCa1ND%2Bm0KMOZGkZgaZ%2Fv6JRwuOC8eFX2cS583n8S5bcjHItg2QJi8JFeEhPmA5BMjZJnPISP6npO4%2B%2FIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf88884156c6-OSL
alt-svc: h3=":443"; ma=86400
GET js.hcaptcha.com/1/api.js
200 OK 131 kB IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size 131 kB (130681 bytes)
Hash 052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 29 Apr 2024 23:45:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 874fcf84ef7256c3-OSL
content-encoding: br
X-Firefox-Spdy: h2
GET paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 0 B URL GET HTTP/3 paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Mon, 15 Apr 2024 23:45:41 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hk4cOaNlWfoE%2BHZpB8rfNvuiX1MCES6z2fHxUzH1JBXQ%2FOtfqv%2B8Fj0crz7Hf1OR8aiGraR5cy7ckXr4WqZy67KBvU9QjH78h1UdBHTdFN1zoJ2sX0rbvy7vkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf8a5a1f56c6-OSL
alt-svc: h3=":443"; ma=86400
8.2 kB URL leakzone.net/jscripts/jquery-ui-tooltip.min.js?ver=1824
IP
File type JavaScript source, ASCII text, with very long lines (19890), with no line terminators
Hash 17e3fb8f176c59e39c2a62c787d39c71
acacd5cf1f321a00a67f0f682f12f1fd88d5de2b
c0d8cbab2ada9a3c948f1d9bf6481a30db944ae1050c0d839ad43c3b90a26423
GET /jscripts/jquery-ui-tooltip.min.js?ver=1824 HTTP/1.1
Host: leakzone.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakzone.net/redirect.php?url=https://paste.fo/95e27729858b
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1713224727; mybb[lastactive]=1713224727; sid=a6be09dd8229b0d31fb0ba5cf38df1ec; PHPSESSID=dcetvnue0bllva3mf821kto498
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 15 Apr 2024 23:45:28 GMT
content-type: application/javascript
last-modified: Sun, 27 Feb 2022 17:22:11 GMT
vary: Accept-Encoding
etag: W/"621bb343-4db2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
GET newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
200 OK 109 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0d4e8kluvj2&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size 109 kB (109153 bytes)
Hash 052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 29 Apr 2024 23:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8adac35693-OSL
content-encoding: br
GET paste.fo/6A668F63MC5E444341450D1F1608480800554F520C187AME516013540D6719745F0E164C5719515951.jpg
200 OK 2.7 MB URL GET HTTP/3 paste.fo/6A668F63MC5E444341450D1F1608480800554F520C187AME516013540D6719745F0E164C5719515951.jpg
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type GIF image data, version 89a, 550 x 138
Size 2.7 MB (2706563 bytes)
Hash 11b1b89b7f93db55146565dad55f097f
c9e044da0ffecb0fb7680950fe66d71456e28598
77c397ec17c2728835c22312ad8124bb7d66f3ec9b723090a5ecd195c803e8a7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /6A668F63MC5E444341450D1F1608480800554F520C187AME516013540D6719745F0E164C5719515951.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1678
last-modified: Mon, 15 Apr 2024 23:17:43 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obrgVSwhtBdcv3PtOX6HeLLksQ30ubXSwp3d1vzQmG2VmGDdbtn4XGIqPVbC8P6RBC6tfuImyHJXjDYKt3lUDDOEsccTe2ePpX7rrkQ8Aa8peOlMoueCdlsAAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf88883e56c6-OSL
alt-svc: h3=":443"; ma=86400
GET paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
etag: W/"6610342c-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrPb6KXVEofPcgaB5AL%2FlY0Wa%2BWL%2Fv9VLkQtdQkLrryJ1kEnvC58eI%2BwL0uqQ2w9hhQe2U6%2FoUh58Egq%2Bz8jfoB5AXkh%2F3xjQzaCPm0hyt7KUf%2FjSHDJpruzOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf84ac8956c6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 17 Apr 2024 23:45:40 GMT
cache-control: max-age=172800, public
content-encoding: gzip
GET paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
200 OK 7.9 kB URL GET HTTP/3 paste.fo/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7852), with no line terminators
Hash fa3a707f936e9919f8e7354ee01ca88a
cd51d751469a1282876c377283959ed8e9c23e35
bb8ba7db531d971550f0d436984b3b8f2f037cfca2ad26e7d799bc88577b90bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
content-encoding: br
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUUHj%2BXuRxlh7kK1Z8OSb11U9hl7kJHU1ZNJY6pOJ5TAAtZwFmoVhD2hL4y7uC%2BBlxLoW8cKm1NwPn9qEDlaEZ7UwIXsCUvZBrqsYqnU3BOOjVg3ZcV6%2FQwB%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf8aaa7056c6-OSL
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/xml/xml.js
200 OK 9.6 kB URL GET HTTP/3 paste.fo/codemirror/mode/xml/xml.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (9904), with no line terminators
Hash 3ec07361d74afef5a6157560b789479f
34b9c1956f2ad4cd02ff2155615cda04f17bccfc
05c1e29bd73a327db390a83066b86acc99162f86e2ded090cbb70fd84d94e575
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/xml/xml.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=13353
etag: W/"3429-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPG2mEd3jhY6DgToKX9N2Ded5%2FVGWkADDwJRuQAqgy1Lxr%2FL%2FufrzHOXvk8iKglu9gWalbWBy%2BK41PiszQV4yyS3Y0s2eP1xS7B0L6hABAFo4CErFRa8BbDu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c5056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/clike/clike.js
200 OK 28 kB URL GET HTTP/3 paste.fo/codemirror/mode/clike/clike.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1704)
Hash 2b5341f353f5cb58026ebb1b6f047842
1bdda948cdf3b6c9644d8d07cc74c8aaef330f64
c0e7c4989a015e232a497a9b28e5c0fbb2558066ac52a6339ad59d3d924a0d3e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/clike/clike.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=37231
etag: W/"916f-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMNmwfgCJGUSrI8HBzlQ4yuxDfThZN7ie3O6ArbXRw9AfCvPXEY87OpUv3qPalcug%2Fy0H5mX8tDnyQXm26dVuGm5C38n90dOASr%2FE4L3YyUCKfbQ8U0ca%2F7LmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c6f56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
200 OK 150 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size 150 kB (150124 bytes)
Hash c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 18124
expires: Sat, 05 Apr 2025 23:45:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4io5gmfuH5lk5HCxG%2FxczGDQSbCP7mgHLJOiMbK6tXtibQrBX%2F%2BzkvCWHqphxxKNuadoc5qkTDJm0%2Fn5LmVcLOClMnv2Uc1vE1fTnnnPQL0p5Q3YYuv%2BinjMBw0vgW1EFzemdSw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 874fcf88aec85689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
200 OK 25 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Hash 61f30b79daf5b31f0d254a31fba66158
fb363d27cfdfe71a243fa2ac3dab2815232b9b7e
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 21714
expires: Sat, 05 Apr 2025 23:45:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mEEwsOgi0%2FIqUMZbRUsVHla5iL2A7hZiiTQvfZ7TNDkT7fGoBdOt8rF87huAiRSDMkmvzsnZPpoZyIUZQAo2mIYY61gbD4qFvp3VmrBDoi1EXNuE0TeGKMAibXHk62xa2MEITL4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 874fcf88becd5689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET paste.fo/favicon.ico
200 OK 15 kB IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Hash cf593ad6a070c546ba238d5172b52aa1
9bed079538917ab59999ea26e8becca1cec74af8
d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6887
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsPmOMLXm8OQhXTzuMMPYI56CwClRBAqWOKbkI2oonQiDFPb98o4cGpKBwMtNUpQJoKjqtpF4GTvW5ktL4tP8blJNqvK6OsuPXvTRn7TuZnbE3UA7FfIKCpMzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf8a29f256c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
200 OK 718 B URL POST HTTP/3 api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0d4e8kluvj2&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Hash ed7c751df181c6edbd8dad66f5fe41d8
0ed08c8a9f679c8d96c3b8650bfca3940d911956
1f8eb6d5e3709209af8be0f9f4391401390bec907b2d6c10e1b56258c63a9e42
POST /checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8cabe65693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js
200 OK 43 kB URL GET HTTP/3 paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (42951), with no line terminators
Hash f15be88a3c9bf40debcc080b125c7e91
4a636976285768dd43278f43d63ba5779f3f493d
8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5QKDQaJbLEmWcDt0zp8Px9x%2FvYjl52Ckw6PPmYEm60AcDawBXF6uLAviz%2Byu6lmmE5KgPdSwmkjgeAZAHQgJxP0d3s9X3fIxvPbdpeOrRDQirBmYcuU%2FDcpvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf847c2f56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST paste.fo/cdn-cgi/rum?
204 No Content 0 B IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /cdn-cgi/rum? HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1030
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg; _ga_HKXR34F8P3=GS1.1.1713224741.1.0.1713224741.0.0.0; _ga=GA1.1.1796402372.1713224742; cf_clearance=1KSPL1xN7hzXh.WgbXzcXiQoLo50i_tVJ_Qcq2NkM70-1713224741-1.0.1.1-RUMH7dCueVqT5FknC7.f2HMN6sdMUYjE66CPRJlPgdV47zdf7J7zFNpd3RQGeSICn_CbCeyzIJtfY9wTby7Ihw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Mon, 15 Apr 2024 23:45:41 GMT
access-control-allow-origin: https://paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 874fcf8c8c4d56c6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
GET paste.fo/assets/js/hyperlink.js
200 OK 1.0 kB URL GET HTTP/3 paste.fo/assets/js/hyperlink.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1107), with no line terminators
Hash 57f9dc10b415891524d8668c91b97120
8c5e819d656b25748485e8380bb50b24bd2a159d
4904079029f843d33043406564cfb3ccae3570f8a1d97f303ef0fa7e07001e5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/js/hyperlink.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2060
etag: W/"80c-614ce4abce86d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5indjvrRImSsCKW5aORx40V658aZrcRHABwkx9BWAYbjipcLnyKI%2B62g0ju8eSLBIiFTlhNwuD3UOGgE8lmFdYKRzeWNJor2mY0UYs6Y7V9yQ2o3zq%2FqwyrbQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c7456c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
200 OK 40 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash fb9a01c247c59daca77d5e373217b0b1
df072c2f05f7e6884df927cf8b4d2144937b8cbe
f6ce0c3fb43d72007637cf61a13dc4c6a0cb1111d2f457dc1386008f83fe13c3
GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 15 Apr 2024 23:45:41 GMT
date: Mon, 15 Apr 2024 23:45:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
OPTIONS u.paste.fo/api/send
204 No Content 0 B IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://paste.fo/
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Mon, 15 Apr 2024 23:45:41 GMT
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bs3xLqzpqaXCxAXiEie0ufnednDLON%2FqhyU3MDK5UyFCdjzC%2F9rK6HPUcBVsQQyic0eM6l7v6R3XFy%2B%2FJDyjlU6rxzsqv8pqdjJ2vivFqEoRkYGhSB6xZ1OH59Oh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf8c7c4c56c6-OSL
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/lib/codemirror.css
200 OK 6.3 kB URL GET HTTP/3 paste.fo/codemirror/lib/codemirror.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6275), with no line terminators
Hash 2562bc2e52c5852b18e87ec08978ba49
54c7e49460f3235492050057453609fedcc01e09
73d08a4fac48937ec5ce812b154c088351783009eba0c22644ec91ef9a0c0ff2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/lib/codemirror.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=8720
etag: W/"2210-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N2FK3SgS9rk6vF0Q9o1B4MuDJrbudoj9Z%2BPmvH2o2rCip8NQosPNpa5c0BmdmiBTjlaWCJ8Smh1tNtX%2B2UAHPFHABXJvgJCoFh1j0TbIEwez807Ze8GuNhqaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf847c3056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/css/style.css
200 OK 11 kB URL GET HTTP/3 paste.fo/assets/css/style.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (10693), with no line terminators
Hash a9579467f8b95bbcdbd6232105e6a253
df9b19ccebf1eca5fe14169881b132813919345d
22877d598e09dd9f8452f52a500181eae909e3f4aaa4d4c49e0b0b18cfbd60da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/css/style.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15702
etag: W/"3d56-614ce4abcf80d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SdLaLKNfPhOKwI9JO5%2FHbM317vdaUQGaQm2LxWzaTeFFh%2F5mN%2FSQZO2DGcOX4Uc%2BFNEH2hqUR8tC8U%2FmZn5dIx5s5rFhicGL7SgDgIzRaWaJ9%2FDNm9mVgITqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf845c2056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/php/php.js
200 OK 16 kB URL GET HTTP/3 paste.fo/codemirror/mode/php/php.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (10405)
Hash 435c5cc4f876bcb6369acfccba865995
a65908ec04cd4f6907098d22702320c7f88e725e
1ece120c4b6f866fc0f6a32b7a031709a76d3a192025fdef0931a52953f489cd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/php/php.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=18339
etag: W/"47a3-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zn%2FD74xktr1bEobJchHWGfYSivJ%2BPHedNyuRSHRPvZFxbLLOC7oEpECpzzhyTJMduEoEpvMnojKizudHQIgfOCXai8onxHKM7YReRw5AgR%2Bibi6HKIDeTnx%2FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c6556c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/css/css.js
200 OK 33 kB URL GET HTTP/3 paste.fo/codemirror/mode/css/css.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (19025)
Hash cbeb7b6de8ada022149bfa4792e625ce
4f4f5c1bc7dfa002df676fa44ecd6d7294ba4c12
dea0ae84464fd019f70399964e19a94d9c27086aadb937e522e7a7862080132f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/css/css.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=40492
etag: W/"9e2c-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJoeLGWdv6qebSZKOi3cBfUGCt21L6bsY3o2Fgw%2Fs06YM54vdSaiUC5JjnzByutAKprKwqiTN2NZbHOLsIU0SWP6POrZzJ5a%2FwEhEemVK7lEdFi9NXaJgVwHww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c5556c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/lib/codemirror.js
200 OK 262 kB URL GET HTTP/3 paste.fo/codemirror/lib/codemirror.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2035)
Size 262 kB (262407 bytes)
Hash 9775b8d7cc0bda6b762fcef0f617a5dc
42c642c7a6c070207773fd5ef00310ed4ef8380f
c6f3c3f85b438110a153601b764ec02d90a4899c37e7699e9187c01fe5b96c45
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/lib/codemirror.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=401347
etag: W/"61fc3-614ce4aba67d0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPTkds7c4G5m511KaGr7juQwCnaqg8AjLqps3%2FAE7ce%2Fim4YH4pwscr2biOwJZ8Zex%2BCUOPGphLOnZ5w2deoT1o96KDfRNJEGnWpglcIcadsWEl5NYj8gY630A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c4d56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/CSSsafdce85e62.css
200 OK 173 B URL GET HTTP/3 paste.fo/CSSsafdce85e62.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 9790b5b9921858332d4f6294d0e34d82
bea05a50ddc5fb6ae96fe2b900d10cf065caa6a6
5ff5f8435bfa2459288d4e09e9fc650fc1873cb4aae4c469cdaedbef4c36c037
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /CSSsafdce85e62.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 15 Apr 2024 23:45:40 GMT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blODhZaH2ouIonxu%2BelKiDscBk%2BP3ef%2BFo%2B%2F71R4Xs1T2%2BFcYlUUhVvNBYWgZwcsvTeTUJd8t28fh2wNJJ%2FFO6TDJqm3XzLhVVpSjBAn2lgkFh8k4kFsI7vr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c7856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/4F53F91CMC5C4D114510084B185A185B095711441AM85B5F5E4D4A665B11006A404F505D54.jpg
200 OK 2.2 MB URL GET HTTP/3 paste.fo/4F53F91CMC5C4D114510084B185A185B095711441AM85B5F5E4D4A665B11006A404F505D54.jpg
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Size 2.2 MB (2222157 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /4F53F91CMC5C4D114510084B185A185B095711441AM85B5F5E4D4A665B11006A404F505D54.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2672
last-modified: Mon, 15 Apr 2024 23:01:09 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VH2R3y53R6ceL4cd3hSvvoQf%2FupMjDXjIoRiafw%2FxmLqX0UcWTSoRJA0tZSM5Hr3IZMX09y1JtkhyZJiyU7jMIcp%2FGgkpcI8oLbp%2BFA5CKSpCt%2FZ9Fj3WTr10A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf88883d56c6-OSL
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/svg/twitter.php
200 OK 1.1 kB URL GET HTTP/3 paste.fo/assets/svg/twitter.php
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (1064), with no line terminators
Hash 52ada42cb5438b7b0421018fd75f361e
d5e00f0d91ac0e644fa97b585fa704764276830b
5814970c931c847c4acc7c25ce39b1f9abbed82f7642c2da34a93f895d875746
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/svg/twitter.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oZk1sUCev5YDpAU5UVxanaaqWDie95InpHPxQg7K1wOApaGD8%2FVFN10IanSsmbgfq1ADFX6COJsDfv3u81F3bfFpPIIznsLpp4V59BIDb%2BiU6RPpW5F77QI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf849c8156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/svg/discord.php
200 OK 1.6 kB URL GET HTTP/3 paste.fo/assets/svg/discord.php
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (1567), with no line terminators
Hash f25e187801ad4549ff6d1f7923827d9e
682ad175492f0c7ca063eb8b29df8e5fb92ab3ce
c4c482f2711284ca3fb68e15af960645b841af8880e7e86ea031ca86470c5e22
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/svg/discord.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6znjBmD1Ml8N7skqVj9WNf2n1csSRbsZyVe7xIvGlKpTXgPFLJSVe8ab957Eh9QXKKts6umwBssO8OIczczcqY942QJcB4tNUdEmO509MLXRcp4y8Cr0q%2FGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf849c7e56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST u.paste.fo/api/send
200 OK 589 B IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (589), with no line terminators
Hash 854999694d026844446b10b78e2d1948
838962db76f77c0e4f8622538e7546cb764b7d11
25b328a3d33d7a260e9c4f066f995db9427178ae3ce805841c27cbebea41939a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paste.fo/
Content-Type: application/json
Content-Length: 219
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:42 GMT
content-type: text/plain
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
etag: W/"1eb360oogzgd-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRYyVmyISUpozKwQozOv2BM2iy5iPOk7BWvkNynMk2czfR%2FIkR4Tzu98hIUZlCTUgJ6v9inNV5Jx4Nfd2et1ObHz87tUHpecdz1Dx5elFQwQV85CRsLoHraSIX01"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf8d4cc156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/sql/sql.js
200 OK 50 kB URL GET HTTP/3 paste.fo/codemirror/mode/sql/sql.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (43375)
Hash 3cdc1020173551b4420eaf86ba005542
b8d24d2ff67841845091e27077fb018dfd90dfcb
319f94b54817677bb7cb4b39e3c1188b7036b60f6e83d7fe4dffcedda4244713
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/sql/sql.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=59538
etag: W/"e892-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYgIdE74itpX6Ex7GpMC24UiJOtgLNNQbxUY6%2BjaY9wySJwvtPOmAAybKWEsxRLxtfsDAw9HDlIxTK5lUwARIq8Pcxo1n7KtA2Zjrf5BraaC5Ygy8yrtMdjM7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c5956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
200 OK 22 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Hash 6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:41:26 GMT
expires: Fri, 11 Apr 2025 17:41:26 GMT
cache-control: public, max-age=31536000
age: 367455
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
200 OK 1.7 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1768), with no line terminators
Hash 825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 29 Apr 2024 23:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8a4a595693-OSL
content-encoding: br
POST paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/874fcf824f4656ca
200 OK 0 B URL POST HTTP/3 paste.fo/cdn-cgi/challenge-platform/h/b/jsd/r/874fcf824f4656ca
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /cdn-cgi/challenge-platform/h/b/jsd/r/874fcf824f4656ca HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12142
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg; _ga_HKXR34F8P3=GS1.1.1713224741.1.0.1713224741.0.0.0; _ga=GA1.1.1796402372.1713224742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: text/plain; charset=UTF-8
priority: u=3,i=?0
set-cookie: cf_clearance=1KSPL1xN7hzXh.WgbXzcXiQoLo50i_tVJ_Qcq2NkM70-1713224741-1.0.1.1-RUMH7dCueVqT5FknC7.f2HMN6sdMUYjE66CPRJlPgdV47zdf7J7zFNpd3RQGeSICn_CbCeyzIJtfY9wTby7Ihw; path=/; expires=Tue, 15-Apr-25 23:45:41 GMT; domain=.paste.fo; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CugsuTJKm%2BS8OyzA1VLYfCBg59RfEIQkHXdl00UQGdkFfuAhq5Pv%2FDCjNlwLTSqnMYUhMz5iYLkD3hjWXdsNnZhX0eojs3AEBWHEKIFCZa0K09rDXtrVWN4%2F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf8b9b6856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET u.paste.fo/script.js
200 OK 2.4 kB IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2496), with no line terminators
Hash c7b7184df64285d4548b9eaa32a19509
ef7da84b4e6bd419d7afb62e99ab6461bdc3c8fb
bb0c244f2792bc3cb178f2e98d239be893d11443e142aafcb5c0c059b8483440
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /script.js HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 29 Mar 2024 16:49:26 GMT
etag: W/"977-18e8b1dc16f"
vary: Accept-Encoding
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8Ew9KKfPER9yc%2FCIiUtZEZlAZen49j6lqx%2FMrC4xvUmhtsLrf%2F1xTsFFl9H0JhlSkdyt3kERZxbZCL9ZBaKqVtsdirgik5RKkg6f28rvNJ1WnkF9lKmkUjIpiru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf84aca556c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/95e27729858b
200 OK 75 kB URL User Request GET HTTP/2 IP
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /95e27729858b HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg; path=/
token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
sscore: 0.016953468912577
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6ki34lkobXk25KDRfwvYtJYnKjH0g6pjOaNzi5jMZA%2B%2B7rcsdIN5J0CY3nxSPUDnb%2FeWfcF3TC5nm70ZKfo%2FUnggxT7MFDF2NMJILsHTS2OEhzqtHTcc9HxRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf824f4656ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET newassets.hcaptcha.com/c/282d0ff/hsw.js
200 OK 528 kB URL GET HTTP/3 newassets.hcaptcha.com/c/282d0ff/hsw.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0d4e8kluvj2&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 528 kB (527636 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 20 May 2024 23:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8cebff5693-OSL
content-encoding: br
GET paste.fo/codemirror/mode/python/python.js
200 OK 10 kB URL GET HTTP/3 paste.fo/codemirror/mode/python/python.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1008)
Hash 0f85fa739faa6c58233a3576fa0bd324
d9abf35ff26170be2399e4432785ac152ddd711d
08c699cbbadb7aafb466ebb10da8b506cd3af41f400279eafcb7ef95b8d02839
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/python/python.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14926
etag: W/"3a4e-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvqA04hhk6hEkxFiFaIYu%2FnSLd0vQTVW4YUwTCvt7D0hm%2FoHRqrT9GlKf8vW3aspradv4b0XqIszZCvr1PPi1R2mE78nFLzGNmvX7nf82Lw22TJRGr8qlbSsrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c6a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/mode/htmlmixed/htmlmixed.js
200 OK 4.3 kB URL GET HTTP/3 paste.fo/codemirror/mode/htmlmixed/htmlmixed.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4466), with no line terminators
Hash 73c369bccf3c673d012a47bedd8b20f9
ae45e0588f3aabb9a119bd6b02f13cdc104c3280
e45f8bf1878c28fd125fa5dfc9ca4cadf247e70f5e5dbef0011fde8c76549b8f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5688
etag: W/"1638-614ce4aba4890-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FE%2FdY%2FcA0XuOPoiq9P1giU%2FBuvLRUtryno5AvuAThVyafFtJg31lnwEv1okB2K3%2BBVVfFJ5x8MQAMU2aXPvjbJo0iwdMz1inX5f%2FomqfnsqqDnPSBrgsFTAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c7156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/assets/svg/thumbs-down-regular.svg
200 OK 1.5 kB URL GET HTTP/3 paste.fo/assets/svg/thumbs-down-regular.svg
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 389c8e85f6e31500977c27d913ef8802
1aadcd3b53c6e86b001ff153294a33260913fc82
e9be5fe625221dc40c32eb0f1faf336dd592141b6496b8f3be76a772e13dd591
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/svg/thumbs-down-regular.svg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5f1-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0DYmD4hvZKCnHoKjxBv91sMkVuACMXn841iiwKE6Ih4RgEB6p7AISSC2AeIX9lSyxKg6GZWinJ3K%2F0ek4vU984UH7gxXW%2B79%2FaFWcmC%2BdAqfLKF70REHNwY1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf848c7a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
200 OK 20 kB URL GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type JavaScript source, ASCII text, with very long lines (19986), with no line terminators
Hash dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 874fcf84db261c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET newassets.hcaptcha.com/c/282d0ff/hsw.js
200 OK 528 kB URL GET HTTP/3 newassets.hcaptcha.com/c/282d0ff/hsw.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=140jv7zq5kww&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 528 kB (527636 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 20 May 2024 23:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8cec015693-OSL
content-encoding: br
GET fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
200 OK 22 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Hash 6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:41:26 GMT
expires: Fri, 11 Apr 2025 17:41:26 GMT
cache-control: public, max-age=31536000
age: 367455
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
200 OK 1.7 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1768), with no line terminators
Hash 825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Mon, 29 Apr 2024 23:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8a3a505693-OSL
content-encoding: br
GET paste.fo/assets/svg/email.php
200 OK 577 B URL GET HTTP/3 paste.fo/assets/svg/email.php
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (586), with no line terminators
Hash 3f774fd678c6e100c4d914d9afc0dc8b
bab6ac432d913ee0d99dae0a7caafcea559222bd
e7f5c890c6acb9078887bbeab309ff5771782edac2444c647126072427cdc336
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/svg/email.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgI5ocKKEIZWpcowWZk3JJAvWC0cNUDdcVs0wxs1wO2VJBLmbg3StJMOTh4sxCnbrt9x%2FQM%2BOBXoB6qZrLlIEY9u%2BxIniwEzUB4taCvZ5dAHXx7l%2Fv5FTiRO0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf849c8356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
200 OK 22 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Hash 6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:41:26 GMT
expires: Fri, 11 Apr 2025 17:41:26 GMT
cache-control: public, max-age=31536000
age: 367455
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3
200 OK 271 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (3034)
Size 271 kB (270939 bytes)
Hash f04c21070c7b2580216dd43441ed332c
fc43a8a07da4c76cf3eb7c535cae8fe6fb3afb03
fbda34bcf014217efbe0ea8e370f55271d51471c03990f998d6e08c3a17b9d35
GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 15 Apr 2024 23:45:40 GMT
expires: Mon, 15 Apr 2024 23:45:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET paste.fo/codemirror/mode/shell/shell.js
200 OK 3.9 kB URL GET HTTP/3 paste.fo/codemirror/mode/shell/shell.js
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4178), with no line terminators
Hash 1fb1a5f0a5a0f7f83eb82387db65fc74
a5353d03502f139dfa6d0436d3d904fd4a9c8100
afdac0b80c01d7befa0215123909a24ddec78f9148282e962894284f1a5762a6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5383
etag: W/"1507-614ce4aba2950-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfHOdKU%2FLC9wjAehbh%2FpyJM%2FTqtUSJbmglI8uRVIUFY0GpoaADlDCaFOxIp3dSVMF1gagIB2R%2F8UC2eN9ucWub7Eugp7WlgWSDuFK3jsdPyrAKgWvgreJIVV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf848c6c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
200 OK 718 B URL POST HTTP/3 api.hcaptcha.com/checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=140jv7zq5kww&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Hash 1ef7e77405c452dffe95bcd3a49ec4c2
cc91f9e6af2a8d8d2b24523efb4fc5446379c76f
1ef544a12b25441e1b2bd0f26ff03fb5874a13a1d4f092add26ca0f9fed82563
POST /checksiteconfig?v=b1c589a&host=paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:41 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 874fcf8cabe55693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET paste.fo/codemirror/theme/material-palenight.css
200 OK 2.5 kB URL GET HTTP/3 paste.fo/codemirror/theme/material-palenight.css
IP
Requested by https://paste.fo/95e27729858b
Certificate IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (2481), with no line terminators
Hash 3478d0a15c06b2059f72536e171912ee
774e48edd31323ea84723f8ef3eca1791f10d69e
0500595d586e40f69d933d1835fc02b7e4df3ead14a02cabadf13cec0370ab61
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /codemirror/theme/material-palenight.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/95e27729858b
Cookie: PHPSESSID=4geth62bosa0n5f83e4h9kakqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 15 Apr 2024 23:45:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2969
etag: W/"b99-614ce4aba19b0-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFMmzPxayVIW8eAug497ZnXHVRTUpyhzBr1Tw3Xz5RufIgg5BctApM7D3qorM1bh46bYPEoGbFnNZfIKqHI%2FyFROo7IeCZYQB1J7KjC9EKnrGDMXbnPeZFeQBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 874fcf847c3156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
198.50.128.239
172.64.164.7
104.16.80.73
151.101.244.193
51.75.175.17