Report - paste.fo/da4d7ca673d7

Report Overview

Submitted URL
paste.fo/da4d7ca673d7
IP
172.67.144.225
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 20:23:44
Access
public
Website Title
Untitled Paste | paste.fo
Final URL
paste.fo/da4d7ca673d7
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
u.paste.fo	unknown	2022-08-23	2023-05-13	2024-04-17	508 B	946 B	104.21.28.76
newassets.hcaptcha.com	11055	2018-01-12	2021-03-22	2024-04-16	462 B	528 kB	104.18.124.91
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	1.9 kB	226 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-17	415 B	94 kB	142.250.74.168
paste.fo	unknown	2022-08-23	2022-09-02	2024-04-17	8.0 kB	11 MB	104.21.28.76
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-17	548 B	152 kB	142.250.74.74
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-17	1.1 kB	45 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed
2024-04-17	medium	paste.fo	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	unknown	48 B	2023-04-11	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45:29 Last Seen2024-04-30 17:59:30 Times Seen19057 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

	paste.fo/codemirror/mode/python/python.js	10 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/python/python.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1227 Hash 0f85fa739faa6c58233a3576fa0bd324 d9abf35ff26170be2399e4432785ac152ddd711d 08c699cbbadb7aafb466ebb10da8b506cd3af41f400279eafcb7ef95b8d02839 Loading...

	paste.fo/da4d7ca673d7	153 B	2023-03-08	2024-04-30
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen697 Hash 2bc0082aba5a35e515758023fa651be0 a8db1112fc735be0d64a64e864a52131f7eaf878 75367336210d6cc8328fad7ddbdcf9afaceae3dae97c2a2e6b95a6ae82d8bc1f Loading...

	paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-30
Pretty URL paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-30 19:33:25 Times Seen55507 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	paste.fo/codemirror/mode/xml/xml.js	9.6 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/xml/xml.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen781 Hash 3e37a737221f3057bb62d1736573f38b bf16c6b34152dfb151dcdb344ce4045174ffdf03 19d4307c9eb14112572604815e03c05ea17ed64dcb7015838cf755ee585fcb37 Loading...

	paste.fo/codemirror/mode/php/php.js	16 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/php/php.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1229 Hash 435c5cc4f876bcb6369acfccba865995 a65908ec04cd4f6907098d22702320c7f88e725e 1ece120c4b6f866fc0f6a32b7a031709a76d3a192025fdef0931a52953f489cd Loading...

	paste.fo/codemirror/mode/clike/clike.js	28 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/clike/clike.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1231 Hash 2b5341f353f5cb58026ebb1b6f047842 1bdda948cdf3b6c9644d8d07cc74c8aaef330f64 c0e7c4989a015e232a497a9b28e5c0fbb2558066ac52a6339ad59d3d924a0d3e Loading...

	newassets.hcaptcha.com/c/282d0ff/hsw.js	528 kB	2024-04-02	2024-04-17
Pretty URL newassets.hcaptcha.com/c/282d0ff/hsw.js IP 104.18.124.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 21:03:12 Last Seen2024-04-17 22:23:44 Times Seen557 Hash f593c8f46e9cb4a93e13a33ec29e7214 40817a1a4bc1e5418a8cba7ecfcd5d10e5dd6e5c e9299541a3837fefdaa7e596c82626eb26d5774273b13a2590cb4a71845880f5 Loading...

	paste.fo/da4d7ca673d7	220 B	2023-03-08	2024-04-30
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen553 Hash 3db1e9a5b3900e6e537c9a3c37c3a710 ad5a93d1d63c4147ccea4e92c31e76ac33e48fa2 009775e1b19c7979e577f9eacfb2da159c57074b82eb7985b4fb0e31c28133f2 Loading...

	paste.fo/codemirror/mode/javascript/javascript.js	30 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/javascript/javascript.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1240 Hash b5bf8a874f93ad7109c420727888ad47 8d08219bc1257d5537a649cac713ef426158b9a8 4a0ab339997f3729a8eb6a08fca6574408918d1684eaee21760a438bbea82189 Loading...

	paste.fo/da4d7ca673d7	733 B	2024-04-17	2024-04-17
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 22:23:44 Last Seen2024-04-17 22:23:44 Times Seen1 Hash db5a6b1bf0e4143c1d644df3cb831afe e43a962352e2a27d038c166943b9eaeacc5d0746 f4f3a042ca9e3ed0a695096b7416bac1cf40366b7ce0bb2781601b2e7df6de35 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	20 kB	2023-10-13	2024-04-29
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51:00 Last Seen2024-04-29 05:41:51 Times Seen28476 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-04-17	2024-04-17
Pretty URL paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 22:23:44 Last Seen2024-04-17 22:23:45 Times Seen2 Hash d4eed34cdbbe2bd0eeecb123d0f9c96f a90b285977380570419b42cdf7397db490f26aec a5afa51a24901442cfb0dc40c6cbe3313205de8117b1fefb7670ff363eee7e27 Loading...

	js.hcaptcha.com/1/api.js	387 kB	2024-04-04	2024-04-30
Pretty URL js.hcaptcha.com/1/api.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 18:06:19 Last Seen2024-04-30 11:09:09 Times Seen1327 Hash 052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9 Loading...

	paste.fo/da4d7ca673d7	44 B	2023-05-10	2024-04-30
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 02:44:53 Last Seen2024-04-30 11:09:09 Times Seen224 Hash fe7e763127fd45f6d95c1812bc8724cc 3b1e32da737745df4d46823f5302cbab98d72fba 68f850252e6966adddb5d1193396fad719a2876e4f1c363159214317ac91a91d Loading...

	u.paste.fo/script.js	2.4 kB	2024-02-20	2024-04-30
Pretty URL u.paste.fo/script.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-20 04:21:10 Last Seen2024-04-30 11:09:09 Times Seen679 Hash 8285978df55a18d7ba03a3106d4b28d2 3c69c6b6715afaca3b655fa3ea18e6c447a0956e 56e70678cbf7e8c157c423bac4d2872f3b384a1784f43b1126ae5e59fd45d144 Loading...

	paste.fo/assets/js/hyperlink.js	1.0 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/assets/js/hyperlink.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen679 Hash 754527075e7f43e5b376a6879d591ad3 019edc8ec844b25f28c0049c56aa09c5cc0a5121 d5ff35dd76c5fa9ebfe3b89012a8dd40e85a89ee50f4f85623d338f0514e15d4 Loading...

	www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3	269 kB	2024-04-17	2024-04-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen2 Hash 1e8246df71fd4b11781f250ffcb9c64d e5392068ed2dbaa2faf38f6a13672960d90fdaed 094e80aa134224f79bea71f434fa3d4064eab14e26e0f82ec85b7507f10c4f52 Loading...

	paste.fo/codemirror/mode/sql/sql.js	50 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/sql/sql.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1229 Hash 3cdc1020173551b4420eaf86ba005542 b8d24d2ff67841845091e27077fb018dfd90dfcb 319f94b54817677bb7cb4b39e3c1188b7036b60f6e83d7fe4dffcedda4244713 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-30 19:37:13 Times Seen263642 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	paste.fo/da4d7ca673d7	753 B	2024-04-17	2024-04-17
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen1 Hash 31c1b68137660d85210579d9734bb4a6 ca799dfba3c42e7d80c0e1020a4622836b252aad 3e92636e9cdaa6b7b5e78f036f33669d76825ee00600b9ca2734c8d8586686fb Loading...

	paste.fo/codemirror/lib/codemirror.js	262 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/lib/codemirror.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1238 Hash 9775b8d7cc0bda6b762fcef0f617a5dc 42c642c7a6c070207773fd5ef00310ed4ef8380f c6f3c3f85b438110a153601b764ec02d90a4899c37e7699e9187c01fe5b96c45 Loading...

	paste.fo/da4d7ca673d7	707 B	2024-04-17	2024-04-17
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen1 Hash a5777719a026667482b3b6b2f30fab7b 2675e15103f182a4f644234dee2c9d8b049bc667 a57a063f75a88c5f61ed71a7b1276d6d053e41c1edf4d3da984ef20ba0a13738 Loading...

	paste.fo/da4d7ca673d7	584 B	2024-04-17	2024-04-17
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen1 Hash 375c8ec972b3ae05f08ec9afbdcc663a 7682293d374b7130ebe8c14178f06fbe44d2eb9b c9b86a310ecd35e181070f6cf4f3ef8661920dabbec9607ce03abd34bfe1a509 Loading...

	paste.fo/da4d7ca673d7	362 B	2023-03-08	2024-04-30
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen535 Hash cc410e71e4e11ef150fc0b841e53a779 40fe8f68130bf0d500f779f7be6504a90d0b670e b2eeea9c303e9ed86aad00cf3f5224a2bcb03dbec9db3139d1b1c267b27457cf Loading...

	paste.fo/da4d7ca673d7	1.1 kB	2024-04-17	2024-04-17
Pretty URL paste.fo/da4d7ca673d7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen1 Hash 0c4e147c8ae7691e6766b98936af6392 6c03b9fb4f753f5c9f90f271d05a08cbf0ae970a ec89238e436777fcab50ecbac5bfd9c359d9f08134289728e7e5dbe30e85034d Loading...

	unknown	247 B	2024-04-17	2024-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 22:23:45 Last Seen2024-04-17 22:23:45 Times Seen1 Hash 4e3360ee184e937f96a4f58ea90c966c 62d803a4a78ad0ba8dadd1357048583ceb197677 b7565def73c6a63e1649d8408b1472473f0e79ae0d16d3e7c75c6df9903a4fee Loading...

	paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js	43 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1413 Hash f15be88a3c9bf40debcc080b125c7e91 4a636976285768dd43278f43d63ba5779f3f493d 8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910 Loading...

	paste.fo/codemirror/mode/css/css.js	33 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/css/css.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:09 Times Seen1235 Hash cbeb7b6de8ada022149bfa4792e625ce 4f4f5c1bc7dfa002df676fa44ecd6d7294ba4c12 dea0ae84464fd019f70399964e19a94d9c27086aadb937e522e7a7862080132f Loading...

	paste.fo/codemirror/mode/shell/shell.js	3.9 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/shell/shell.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:08 Times Seen815 Hash ef6669a00f0ae004bf997e217fb0a09f 7fba87e2f140eea0bfb39b10eb34ffb2471a1e2b a76146be8ce9aee15409c7f15625f1922d554e43cbcd5c9503aa544d9eb598eb Loading...

	paste.fo/codemirror/mode/htmlmixed/htmlmixed.js	4.3 kB	2023-03-08	2024-04-30
Pretty URL paste.fo/codemirror/mode/htmlmixed/htmlmixed.js IP 104.21.28.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-04-30 11:09:08 Times Seen831 Hash 5b166a8ebd19d3f44d17bffea8cea4bc 2d24ccc2d3644c33c7cd3a665258cef67619084a 1a4d93f8e0244d90d6f22ce15075e1aac1186593de3ca438649b4df6f8ae3397 Loading...

HTTP Transactions (25)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

104.17.25.14

19 kB

URL
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (52276)
Size
19 kB (18752 bytes)
Hash
ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 181892
expires: Mon, 07 Apr 2025 20:23:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wi%2BXjO1djOz%2FdmrIk8i61wMwWNfgnBJh9vi8zns%2B1w2NDST8gWAoA4Blm4RQTj1%2F%2FHhwvieKIYGLQA%2FXmckS4JqVKDXCs%2BKjW2Azch0NJydYCPrrYm%2Fh6jXsc%2F94dhKY5kjRfapB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875f21cf5980712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

28 kB

URL
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2910904
expires: Mon, 07 Apr 2025 20:23:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIpelQ5M8oQBSlu8bwG%2Bjhkhv2C4exiESVbmbMGIhDO4foRdtte%2FxIsN3tXcpOjwYM5jd6bZPb5KnAUpNL44vE5%2FtHGBKy0UQFw6LKJS%2BpXqjf7Udi%2FBXO%2FnV07qGoKEWD9M%2B0GI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875f21cf79aa712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3

142.250.74.168

93 kB

URL
www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
93 kB (93133 bytes)
Hash
1e8246df71fd4b11781f250ffcb9c64d
e5392068ed2dbaa2faf38f6a13672960d90fdaed
094e80aa134224f79bea71f434fa3d4064eab14e26e0f82ec85b7507f10c4f52

HTTP Headers

GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 20:23:17 GMT
expires: Wed, 17 Apr 2024 20:23:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

paste.fo/assets/img/bg1.gif

104.21.28.76

25 kB

URL
paste.fo/assets/img/bg1.gif
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (24898 bytes)
Hash
dcab8f9443952c7589be3e4db6072853
824ca8c921eeca604844d3f00d08691631199201
a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/bg1.gif HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 220
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZA5bG7hsBkBMKLdFu3FIaZ6Yp%2B0xOVWL%2FwsiKLYX3EELDCuErrTU2Hks9SGeTPCUXDBdz5wxOMMpsWFx2I3youIS%2F9U4ScQUWG8LoDzhGGr7zFSI%2FZcreQamg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875f21d27f8d0b41-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.74

151 kB

URL
fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
151 kB (151366 bytes)
Hash
af07298f0e71d00c1de56f796b00a2eb
71be3a168eee120fd7b163ea778367f3b929abec
d6b9da668d1eb33468e26ebe10007b000dc6ed401cfa13554dabdaa5226fbd02

HTTP Headers

GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 20:23:18 GMT
date: Wed, 17 Apr 2024 20:23:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2

104.17.25.14

25 kB

URL
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Size
25 kB (24948 bytes)
Hash
61f30b79daf5b31f0d254a31fba66158
fb363d27cfdfe71a243fa2ac3dab2815232b9b7e
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 182371
expires: Mon, 07 Apr 2025 20:23:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XDg%2FBqfT61pM8bDFxtqGJJBRbWxPy7%2BJH%2FILv6dBUmsbAIw3yHGo0uVDqpTsdB0iq81z%2BNbRn%2BaBX1DOhLB6a7EdXs0g74FagZ1VdIf4a7vvlagUCMxilXWgNBjifJcuDBjcW3wh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875f21d2ae4e712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

paste.fo/codemirror/mode/shell/shell.js

104.21.28.76

2.0 kB

URL
paste.fo/codemirror/mode/shell/shell.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (1184)
Size
2.0 kB (2010 bytes)
Hash
ef6669a00f0ae004bf997e217fb0a09f
7fba87e2f140eea0bfb39b10eb34ffb2471a1e2b
a76146be8ce9aee15409c7f15625f1922d554e43cbcd5c9503aa544d9eb598eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5383
etag: W/"1507-614ce4aba2950-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 219
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOYJjwP%2FAHr8yyqTEYODTW0iJ9XWzlMP3hNpkhxDgLjfuqLRuEyLdKMr3159OGOJPX5FUGwturReh40ULTXCQLX3yFKKs3YGpZDeDDDx4xsZXRafTWUgPeJQQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf1c5a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.131

22 kB

URL
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:52 GMT
expires: Wed, 16 Apr 2025 10:46:52 GMT
cache-control: public, max-age=31536000
age: 120986
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.131

22 kB

URL
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:52 GMT
expires: Wed, 16 Apr 2025 10:46:52 GMT
cache-control: public, max-age=31536000
age: 120986
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

paste.fo/CSSc0fe91fc538bd3bee.css

104.21.28.76

22 kB

URL
paste.fo/CSSc0fe91fc538bd3bee.css
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
22 kB (21648 bytes)
Hash
688a915e25d978d8778bff27904ec6ef
294363ea1fd2b6ea1e94de0c14d1a8b11ff729af
cbbefb19cf77c6afb6211427b01f8db155f5eb6074bc664500e678b8185981f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /CSSc0fe91fc538bd3bee.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 20:23:17 GMT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpUWKEuk374v2Zw%2BPelfEVdwGz50QdVSibOy1FWF6qTzX5BJYysV3nPZ2zKWhK5Hmq0xGpHrIZpzI%2FRwfSZ2udc%2FkO5BFeq1QVqucDoojgj7cYTrkDKxgahSnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf1c600b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/codemirror/mode/htmlmixed/htmlmixed.js

104.21.28.76

2.1 kB

URL
paste.fo/codemirror/mode/htmlmixed/htmlmixed.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (623)
Size
2.1 kB (2111 bytes)
Hash
5b166a8ebd19d3f44d17bffea8cea4bc
2d24ccc2d3644c33c7cd3a665258cef67619084a
1a4d93f8e0244d90d6f22ce15075e1aac1186593de3ca438649b4df6f8ae3397

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5688
etag: W/"1638-614ce4aba4890-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 219
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9Kx%2Fjewrd6MfF2iZUXlJzRZr25okf7vLon5TR2JF0rzbNyShZ2dBHZP6esTR62xoKxxpupSPHzAMHdnEqn%2FMp3LDLzpAEC9e7E75HF4SssvdnJVsyFYUMwQpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf1c5d0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/assets/js/hyperlink.js

104.21.28.76

552 B

URL
paste.fo/assets/js/hyperlink.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (630)
Size
552 B (552 bytes)
Hash
754527075e7f43e5b376a6879d591ad3
019edc8ec844b25f28c0049c56aa09c5cc0a5121
d5ff35dd76c5fa9ebfe3b89012a8dd40e85a89ee50f4f85623d338f0514e15d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/hyperlink.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2060
etag: W/"80c-614ce4abce86d-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 219
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5%2FN1FqFNErfD%2FcJelrWd3kkkH4TOIvYpze63dU%2FnaYwCz2Rk5gajk7m3VqKitrYyua7mFpD95i1iIjCsFeQ4bel2tugZSVjAhHjeoglHn5qVo%2B2%2FR%2B9ba6MpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf1c5f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/assets/svg/discord.php

104.21.28.76

1.3 kB

URL
paste.fo/assets/svg/discord.php
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
exported SGML document, ASCII text, with very long lines (1557)
Size
1.3 kB (1270 bytes)
Hash
9e11d725232644a01452b56fe0fa8bcc
72bd4257388bceb963492b4e6c4a72cad7d3be96
99d543831ee87e57ca87d24cc16028b0e7784a41754b95ade07e069ef56ff8a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/discord.php HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMRuCUze6GjPGR5QJkd7J%2BUiPhlWHPcunGZA4vU%2Fse2XJbq4XyeNN6p1yeAuNAYXLn9S%2FpAbqCUDlThLmvGqu4FoWOJzHYDVfEMj2BXzUevc%2FqLMJPb4CD7Yvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf2c6c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js

104.21.28.76

15 kB

URL
paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (42951), with no line terminators
Size
15 kB (14556 bytes)
Hash
f15be88a3c9bf40debcc080b125c7e91
4a636976285768dd43278f43d63ba5779f3f493d
8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 219
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfaH0EZQ0ZkeDyKpdXs2zLnAqZYVIkl2yS8xDDFFDHAHs9vBs5afklC3uN6BcojXlMWWIlsI8kmKEV9Pv9CMfvlpFrZ6%2BzXo5BX4vF34WGZn7EpW7GblJyJUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cefc340b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.28.76

200 OK

7.6 kB

URL GET HTTP/3
paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.28.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paste.fo/da4d7ca673d7
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
7.6 kB (7566 bytes)
Hash
e113304447ab126a6510037d97249074
ab897da2f1d80f2f6314eebaf35c40fa88a0bae6
aa1639494260c596aa2f36d92a28a1401431246670d756dcb778f98588e3d4ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: W/"661e9d00-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5uqMmR%2BGRLkbcJS6RK8Szfej8ePl%2FAux2RcMswc3QG8q8tTDylwwqsLjJxYhjzr%2FZBELyjV4Y%2B8Jte%2FdrbpzrydOlPTgR%2BdAIOwku19u6BpyDNXhFHLqbojYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875f21cf2c6f0b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 19 Apr 2024 20:23:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip

paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/875f21cc0ee756cb

104.21.28.76

0 B

URL
paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/875f21cc0ee756cb
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/875f21cc0ee756cb HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12137
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d; _ga_HKXR34F8P3=GS1.1.1713385398.1.0.1713385398.0.0.0; _ga=GA1.1.1066573723.1713385398
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=yFVK9pZ4WXUScnboTpkl2Qd.338DSssdgxfRdD4AgiQ-1713385398-1.0.1.1-q5viwq_9U0IAnhPwmtY0Mkin9XFUxto.mZG_5OwlcjIcDt1_BpqAT7Con4MxIlKhtOCddL27Q226RANpSgisdQ; path=/; expires=Thu, 17-Apr-25 20:23:18 GMT; domain=.paste.fo; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5Tw%2F5nY48i4jUU%2FRpzz3FlpYo91z%2BRc9yqZoERy5SpEV6u0rsKzDl%2BA3HVIslbdVsr31NGSj3AGY5ZmWFbI427PbZoI%2BXp%2B7BMIkLeyHxYOfPf35NvRR2qBUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21d57a8d0b41-OSL
alt-svc: h3=":443"; ma=86400

paste.fo/F44D04E5MC0D4C1612105C4B190A1C0F575B17515E4E567B4D1A16452AM1495D48515A051A0D4800015A015655020706071B5E5054.jpg

104.21.28.76

200 OK

3.0 MB

URL GET HTTP/3
paste.fo/F44D04E5MC0D4C1612105C4B190A1C0F575B17515E4E567B4D1A16452AM1495D48515A051A0D4800015A015655020706071B5E5054.jpg
IP
104.21.28.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paste.fo/da4d7ca673d7
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 440 x 110
Size
3.0 MB (2966147 bytes)
Hash
03c559e180edc5d28bcdc8f5df40d89f
0070b2a0a161b0095ee7d63afd762e71727782c1
81b3a43841357f9948a15a26e3ab18494d2f44f4b28482d973654bd4b2b6abf1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /F44D04E5MC0D4C1612105C4B190A1C0F575B17515E4E567B4D1A16452AM1495D48515A051A0D4800015A015655020706071B5E5054.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:19 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 20:23:19 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXmU%2FA0kaDxbDkUZ1oA7B0zWk9juk%2FPirLihbRvZsB5uC0eAfrkP5KoJoJ2Vn4RTWyoBnjOJRwfhkKdLbBXfCUH6oIPd6Yk3KEcWkmzYbz7pf7vXQOMCViaowg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875f21d27f850b41-OSL
alt-svc: h3=":443"; ma=86400

u.paste.fo/api/send

104.21.28.76

0 B

URL
u.paste.fo/api/send
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://paste.fo/
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Wed, 17 Apr 2024 20:23:20 GMT
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2ypL6lzf4Awy%2BCH2vXjTbiQ5perm3oLbjuqvxB0wTnoQHrEggM3%2FUEJpu%2FvkSlqKXGZ%2BDRO7rKb8E3JkDIFg4BVGsc5kU8vrI9%2BMXkv0XUf14OPdkYnvmDcpufg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21dfed910b41-OSL
alt-svc: h3=":443"; ma=86400

paste.fo/codemirror/mode/php/php.js

104.21.28.76

11 kB

URL
paste.fo/codemirror/mode/php/php.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (10405)
Size
11 kB (11437 bytes)
Hash
435c5cc4f876bcb6369acfccba865995
a65908ec04cd4f6907098d22702320c7f88e725e
1ece120c4b6f866fc0f6a32b7a031709a76d3a192025fdef0931a52953f489cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/php/php.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=18339
etag: W/"47a3-614ce4aba5830-gzip"
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 219
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4kXedkCqaKHBwZQaJMORLKmHQxQ5A4dggC3YU85VUrsKtLKBijPCF1IWkvEf4qrQ%2F8WykRPuVjGhXD0w8XOZN6ycNPzWRTEkfSn6uX8EOHUDHIIUB2oTulIlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21cf1c570b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

paste.fo/A6592F1AMC58474614460F4B165A1D5150074F005FAM4D526E33597B7F584D6707474B5F5C53.jpg

104.21.28.76

200 OK

8.1 MB

URL GET HTTP/3
paste.fo/A6592F1AMC58474614460F4B165A1D5150074F005FAM4D526E33597B7F584D6707474B5F5C53.jpg
IP
104.21.28.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paste.fo/da4d7ca673d7
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 800 x 200
Size
8.1 MB (8070546 bytes)
Hash
c939a1eca9218b77440f549bfc136dc4
dcce988a65a42e80ab13017cd935b4493aef01ce
1e7deec50210747021b61e301dfd43ba2289351bdcf2662a1d445d521178151e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /A6592F1AMC58474614460F4B165A1D5150074F005FAM4D526E33597B7F584D6707474B5F5C53.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:19 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2024 20:23:19 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gm6sSkupzPnrrK5Ck1vfNh%2BIWE4roW9uM%2Fq0ijfzqYGfupVaVjXGbv23UBz3ZfuE1I837%2Besl4Bm38NuJ9CXzcCh5h9B6WO6mE7MZl53PQbqPbPDEjFhsYWNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875f21d27f8c0b41-OSL
alt-svc: h3=":443"; ma=86400

paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js

104.21.28.76

241 kB

URL
paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (7847), with no line terminators
Size
241 kB (241310 bytes)
Hash
d4eed34cdbbe2bd0eeecb123d0f9c96f
a90b285977380570419b42cdf7397db490f26aec
a5afa51a24901442cfb0dc40c6cbe3313205de8117b1fefb7670ff363eee7e27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRIq87Qgaod0%2FSvkQoslD4FDDsVAepC%2FG6f7pCQWrDcGCP5yYehZPT1d1NKEo%2F1G%2BINiOxj7a6m2mh0ib11EiFYYhrVH15PzH%2FStBoxH4cfOdN1kxck9JAiE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875f21d4192e0b41-OSL
alt-svc: h3=":443"; ma=86400

paste.fo/cdn-cgi/rum?

104.21.28.76

0 B

URL
paste.fo/cdn-cgi/rum?
IP
104.21.28.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 481
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d; _ga_HKXR34F8P3=GS1.1.1713385398.1.0.1713385398.0.0.0; _ga=GA1.1.1066573723.1713385398; cf_clearance=yFVK9pZ4WXUScnboTpkl2Qd.338DSssdgxfRdD4AgiQ-1713385398-1.0.1.1-q5viwq_9U0IAnhPwmtY0Mkin9XFUxto.mZG_5OwlcjIcDt1_BpqAT7Con4MxIlKhtOCddL27Q226RANpSgisdQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Wed, 17 Apr 2024 20:23:41 GMT
access-control-allow-origin: https://paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 875f2264ceb20b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paste.fo/da4d7ca673d7
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size
150 kB (150124 bytes)
Hash
c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 178781
expires: Mon, 07 Apr 2025 20:23:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdlC2mfhA6MAVgGH3l%2F92KGDgrlqdXSStDyeJRr4IDdh7iE3VhYuUgQn0dS9LGFhd2KOPEJ%2Bj7%2F%2Bk7jK8N8%2FeBijsik1zykV9MKwhhgCSVq0JRvXwMrtRuBFbx07kTLZDQ3AG6kc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875f21d29e41712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

paste.fo/favicon.ico

104.21.28.76

200 OK

15 kB

URL GET HTTP/3
paste.fo/favicon.ico
IP
104.21.28.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paste.fo/da4d7ca673d7
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Size
15 kB (15340 bytes)
Hash
cf593ad6a070c546ba238d5172b52aa1
9bed079538917ab59999ea26e8becca1cec74af8
d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paste.fo/da4d7ca673d7
Cookie: PHPSESSID=t3nfpk85bqp5s101n5j5hedi1d; _ga_HKXR34F8P3=GS1.1.1713385398.1.0.1713385398.0.0.0; _ga=GA1.1.1066573723.1713385398
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 218
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUVd%2B8ElLFcntKZs2mPrc0qUwiNkZmt9mbPadZTR4bsEioGUULGk0M%2BJhGM3cdKlwHifdGw239TSxQgpv1nN%2FD%2B7wgRvINHXr5J1Gy1qiKPMOLdjVHThyNJJ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875f21d4ea1e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/c/282d0ff/hsw.js

104.18.124.91

200 OK

528 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/282d0ff/hsw.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0pdfhxevc06b&host=paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fpaste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
528 kB (527636 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 20:23:18 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 22 May 2024 20:23:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875f21d79ddeb4fd-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL