| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css IP104.17.25.14:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hashded1c367363e8b20bdc6a19b8350a737 8c06d82739d14b094ff6d9036021a252bd1d985d 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 257513
expires: Wed, 30 Apr 2025 23:59:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZrxYDeH0h66lssX4SRCufIqqYPeqXaPvJfbcqRMu4sC7Yyhry1zjAZyXcwelXy6%2FG5owTanabXSHgTXESeaFVkY0YSYeQ1ZgIFgympojm8UxFybEfzufIMzSdYTPQMCnfAsxKsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1a9ebedb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.25.14:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 193192
expires: Wed, 30 Apr 2025 23:59:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idREVTT7Xr4suJ4gVxNQsGr4%2BfWZGjNP%2Ft%2BZrUh8W69ad0mJPgooHSY9XrtO5QA7%2FEQ6sbEmZbmn1tM98Ih4JnKC1dP622QpPhz0p6lp0kjBa1om1XOgXbZxkreHtpuut6rpUzDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1a9fbf5b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.paste.fo/assets/css/style.css | 172.67.144.225 | 200 OK | 2.9 kB |
URL GET HTTP/3www.paste.fo/assets/css/style.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (608) Hash5bda15770898ea87eac893ece623fe83 a1c6f0ef8c7fb26f5684c65c34991ce0ed9bcc9e ac1f84e3b1d61d9a2599e9db20014bce4788930bf643ce8442ac322304e31b9b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/style.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 2945
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3d56-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzSlNTFysmYBQWIWhUbzpApwA9FpxmEykzbf1BTSWa8Z4vy0VO22irmJ0nYPDmtzLUmJ04xlGa4BelLTmrgQv68opuy4dHZ0QnAHfjYCbW%2FVrOfoC%2BqNIcYXAYUbsiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98932b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/css/user.css | 172.67.144.225 | 200 OK | 941 B |
URL GET HTTP/3www.paste.fo/assets/css/user.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashc420f8c0d2fbc3010e041f515c1ef59e 44190da29eef1a77bb22e1dbe82fc3876bd82bf3 eb3cd892b3a87282ebe62659665d01374bdec118322689b8f60f5c6e3994473c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/user.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 941
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1b8d-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7bZyui3oTDBaFHazU1vAT%2BVNKjKXP38F1OMp7alFFtUiQ1423NtMAYggFKUrvtQupXZHbAy0pjaf6Mg3MySdDaXM591Imovhw6Vdf%2F83ziagv5HErTp6vRauThaOPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98934b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/css/cio.css | 172.67.144.225 | 200 OK | 590 B |
URL GET HTTP/3www.paste.fo/assets/css/cio.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash495978f1df765f0993859afcf8490189 5ef8a4b916f6d464c755881fe251859a5a842c67 c03d3189c28dc88b8042d27b55e75cf0872d9c7e8ef4244608b6da9319ebef42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/cio.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 590
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "675-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gn4fcNEIeAOG0Z2bj%2F7unBzy8Xy5LESQQl5EtuyqzKPkGwNvvpGf%2BEciD7QrUWevF29iqR%2FjYIYVza5Yb5s4BS7wsj3ooje46R%2BR9j2qy2%2BmnOlABvbOCxJojOawHDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98936b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/node_modules/@sweetalert2/theme-dark/dark.css | 172.67.144.225 | 200 OK | 4.6 kB |
URL GET HTTP/3www.paste.fo/node_modules/@sweetalert2/theme-dark/dark.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash00008b67e39ee270e57f03f4fcad4dac 04f3bb1e6464faf302f91ee5e42a94447ad916b9 c6842d1ae92847b8e8cf3283cab162e737127a8fda2e35e628c8994654266d8f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/@sweetalert2/theme-dark/dark.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 4631
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "7542-614ce4ab9ead1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbfjF4sMxJQhRB8NjXA2cMH67lLU%2B%2FOYsjofL0SGrsq0lu8nTQcwv4xXLzvvQJKvWPhGdOC8qALsGVBcy9cuLIk55DKlxN8SgmPz2lkzUQ1y7ATAmZU7fo5hwzZDy30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98937b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js | 172.67.144.225 | 200 OK | 14 kB |
URL GET HTTP/3www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42951), with no line terminators Hashf15be88a3c9bf40debcc080b125c7e91 4a636976285768dd43278f43d63ba5779f3f493d 8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
content-length: 13750
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOSlJ%2BgvP5xtWu3SuaJyetuRa%2Btwl1%2FxDaCdyPeaAwTrFzJl5ihto8y2qltvNkSuF4fDmA6gmI7OpMRIoShoCv6VPi%2BGeLDYsX7PSThPLzffhvMWmjAxF27Ax1PL1P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98938b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/css/responsive.css | 172.67.144.225 | 200 OK | 1.1 kB |
URL GET HTTP/3www.paste.fo/assets/css/responsive.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash22fc29bb5c27ad0db110e5543e6b7232 7663bc5332499a406f6ccc8313e47a5b83bc4f9c c07c4e9ba0066790dd16a586736367d28d7f7100ff51e65d2f116b221e292931
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/responsive.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 1071
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1d58-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NakYIBLX5sXcys3KFwo0sbVWL9R%2BWvhgS29tjZeNXamLrxGEqL6UJmWH7u1ko6NKD9ntg%2Ft9NhxJqsZdNX9nGydTGeoqk2o4r%2BC%2BiiT56eQfnL%2Bi6DYBI58IBMMzxvc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98935b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/theme/material-palenight.css | 172.67.144.225 | 200 OK | 687 B |
URL GET HTTP/3www.paste.fo/codemirror/theme/material-palenight.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash20fe4507567c6e9d584b62d4ce7fac60 ada80ccc0fb078c0d41902a99b0942f4ba0d49a9 9c4e88299e96411626c8f596b3b4f49e5e055a5f8be0fc3fcfeb9ba1c69dcbc0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/theme/material-palenight.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 687
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "b99-614ce4aba19b0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gj6AbTk30L3oWLi8ujRmVGY6alLBmNBFUD8xn6QZvrAjcVy4PTwdaKvR0Lwu4uzQs2jnsdD2DHib0Lbpp2CiXgoXw0JKaTGSmaEFJ%2BcE%2FUrGgfwUJAj4CktyI%2FNJmy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a940b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 | 142.250.74.168 | 200 OK | 95 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 IP142.250.74.168:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4242) Hasha20a4584199901782b634801099e38b8 c2754cbe436c382e6bd2c3f1328c63a4d7f14775 1852a42e689dde570fee414c02c82a64cce6c25769855497c2f552b8203b90f8
GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 23:59:10 GMT
expires: Fri, 10 May 2024 23:59:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.paste.fo/codemirror/mode/xml/xml.js | 172.67.144.225 | 200 OK | 3.3 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/xml/xml.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashc93fe254ef100aeb5c9dfcda4c91d27f 510c71566cf81560cb5bd1bb25287ed6502dde75 dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/xml/xml.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 3332
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3429-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obmpo%2FGa2yQ4fLfsKGsOOVYyvfRCWhB1BuZWbrYzT3AUmImXn4Z7e4G%2B7tK1Nxs8sd22HybfUjFFnW2wh7vb%2FAK6EN%2BwE%2FskLeHkEdGyZIX3%2FSKZTmi%2B82NCZSz8uR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a943b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/lib/codemirror.css | 172.67.144.225 | 200 OK | 2.5 kB |
URL GET HTTP/3www.paste.fo/codemirror/lib/codemirror.css IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashce804ae97aeaad9428a30a79b5990e94 97f897fa26502521f0d3348fb69e222346567046 eb494ea972d2661ef86f7f6ac656dd6786d721e49c9c1b46e1eb967e4b6f9bf3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: text/css
content-length: 2510
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "2210-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM7VdcyLJnBRei91BB3s5Iqx29O3jPSkNKWO1tnQ%2BS3rc7fZIKoNhU06Mg2TGW6TGXrkLeMdW%2FtedVNiFvZJCZlK34Qqnbab4U8flatHZlhEV2zVEYbJij0BLq5dl7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9993eb515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/css/css.js | 172.67.144.225 | 200 OK | 10 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/css/css.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash3675078ada8a185a353a6560bda2d5ac 1045cdc88a58fb002511eb21db184ed242730f05 60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/css/css.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 10006
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "9e2c-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvTCi2HYhIN0W4LRD49n%2B%2FbTGKZl9Ome9TMeH8l2J%2BfU42iCYjBniahKrbg0cus7f3S8gCCLDVtHlbQm%2F4De%2BC1bKLhYr3YIjYr%2B96goLFLWqRW7KvFNaLX8GVL%2BksY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a94ab515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/javascript/javascript.js | 172.67.144.225 | 200 OK | 8.6 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/javascript/javascript.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash178dfcd5f64c97da22a3d3a62713b7a9 969b4a80be53b334612b44a0cc6ef57cfe171a26 21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/javascript/javascript.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 8647
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "97ec-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLC6BIO0WtjzwPqw2foGMOGggkgCdvQlZ1hrb76TerjkavtwkSsIz0G6PXR0pHfMS9yxkPQ6zk%2BPvTTpY69siJ8Qm5H8L12O7nGz%2F5g497dk8isEU0Xn1uG19HGs%2BVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a945b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/sql/sql.js | 172.67.144.225 | 200 OK | 17 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/sql/sql.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7061) Hashb48a3934b20b392ae812b17df05355f4 40d1a558afba1f5043b23131e496de37d8e2dfb4 ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/sql/sql.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 16832
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "e892-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jQvgNLIgR0bkgXI7YDjIDCz%2B6y5f4HVuFDcmvZH5kRQutMPxinjhr8euyRAfuoG4lSx5gL6B7nfXFbgPQf3CJvmw5NxQREcTmJuTV1XcO%2Fbwd8TYfMsrbTEMsk0EVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a94db515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/python/python.js | 172.67.144.225 | 200 OK | 4.1 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/python/python.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash9b50648e6f546e4f63f1a8eb25adb039 b178c4d31cc4eeefe58e97a60723d47af96b79ed ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/python/python.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 4073
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3a4e-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWt1vEfYeX41404NxNx8u%2BBBvWdohQzP6DbbXJdl%2B1j7xj9H3isl%2BKGMeg7euC62QRDIT7dgCSYLoo7QO7fhqXIQ%2FVX5qRvhTqyEpsjYnMZVxXywBK8fdnupGCuRDW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b957b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/clike/clike.js | 172.67.144.225 | 200 OK | 9.7 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/clike/clike.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash145b41ea6cde47e8889ef8b2214eecde d0ae7cc4040a57a76b86265f492f87e251d1cc9d a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/clike/clike.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 9686
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "916f-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxQC2QfFMBE9ESs%2BYRhUlkC24W%2FMKRwIPCatADswEJEUnScEWoz7f8UX70SivjgXiLR8jzlOdSHiL5yeMfYxGgOddnrOBBhRjGI376t0jL5uYg7Kes3hlpOCsyuc1HI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b960b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/shell/shell.js | 172.67.144.225 | 200 OK | 1.9 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/shell/shell.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashab0fc779b5fb9bdc1310a28d7dccd379 ece7e7661886871cc46ef71248c67ea53a61ac7d 24f77cb162ea9d9e9fc79b95ba547a7cc10a0767e3a5a52c786d4c24253736fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 1868
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1507-614ce4aba2950-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGUuUnVvcaiu9wKHREas0alBuCBaJzVEg4cTEUBpadZfCCLInFb2ZyvF1uq0tvciqRrhPsYYFr6Edu2gR3nRzh01s0%2Bn2oSLwvJLJR60rZqMX%2F0MxHNyMX%2FHl2442B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b95fb515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/js/hyperlink.js | 172.67.144.225 | 200 OK | 983 B |
URL GET HTTP/3www.paste.fo/assets/js/hyperlink.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (472) Hashba0e0718fee58342be83dfed7bda8edb 49818b20c4f336539511a53e8be75af974e2b51d 0a2f95982e87502748a39dcbe0a1c52c3cd56bbc834365f8af88b8718adb1169
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/hyperlink.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 983
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "80c-614ce4abce86d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEqLyPHuy27VKdvhNqqs7wXMG02K4RoW0V36aWy2SIPaeypZ2TENckbvbWYHVvZq92JzWJxX%2FVH%2FyVCLZ%2B0OSxWErcwCHLqwtcQmUrxoa3e5ZexduklGYESrmGzkAbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c966b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js | 172.67.144.225 | 200 OK | 1.9 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash4c5a6f44d738b718d1f6164c1c8d6904 a4f9c3552740fb908e14fb0f47832d10a3f535d6 fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 1862
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1638-614ce4aba4890-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwKhmNkBrwWM7qIP8i0yPhlfuAAcUt52LlXJUPRitRTLeGS1VQ6wUJjpXxWn4wcaFImZsHpnJeLWLiqsB%2FNI4CTR5faHdAsZ4qeWwQPDbNc5itJJVQGbVRmTtp4VJBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c965b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| paste.fo/CSSp21fa32.css | 172.67.144.225 | 200 OK | 140 B |
IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash1557f9af49b3d02f13c860c99306583a cbccabf80d365d6f49796033d032dab388f3d829 32f30d1ecc771515f3e214f2d3434d5c6a96d70abc729b8aca46f2c763474da6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /CSSp21fa32.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/css;charset=UTF-8
content-length: 140
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:12 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSe6iEdqbY1NAbujK9JVWZzq7AU2bwtX16zNrKEiGwoxyhXKxEtrjuwyxX14ZHUBirZ9Gs9MGj1g%2BoYB6eXyp0VWBgKjyBnTBEQ3Z4QZQ8PvCkI8CfbBP8LBuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1aa39c2b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/codemirror/mode/php/php.js | 172.67.144.225 | 200 OK | 6.0 kB |
URL GET HTTP/3www.paste.fo/codemirror/mode/php/php.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9306) Hashf2f1668dbc8a4b0fd9f031dceda0e4ab 31d6961d6d4cbe7bf5deb2f0b5ba099c49e5c962 07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/mode/php/php.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
content-length: 6013
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "47a3-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSnXYZYIfhr3lTe1V5Wh9%2Bt8MWO2JHKkDUV2GwnLVKlQpQt2yIxN%2F7mi45jCqvS7n5zY7bkhDWCqKNzJ%2BPrzn6QxZ5ntoF1rw6fO6TcggEnMl%2BGPMczeaNr2bYt2jdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a950b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 | 104.17.25.14 | 200 OK | 108 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 IP104.17.25.14:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 108020, version 772.256 Size108 kB (108020 bytes) Hash8b0ddedbb27cbc9971c8667caa8a0cc1 4350f9ba93384634faf35f41c503c99c767f1069 748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 108020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-1a5f4"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 195887
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKKqLqMAGzRk4QWSiKBVza3A5JcRi%2BBioiq4Ojv%2F9XVLzukR9aWLEJZj%2B6B6WKwF9Bv4lA%2FK3ZZk4GOjlhFbqDrTaQQThXZtnXwTvAkzWafEF7QhrrSMUHjP6EqtNaEkPv8Ox36Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7ae86b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.paste.fo/codemirror/lib/codemirror.js | 172.67.144.225 | 200 OK | 257 kB |
URL GET HTTP/3www.paste.fo/codemirror/lib/codemirror.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typegzip compressed data, from Unix Size257 kB (256824 bytes) Hash55cb3c9501ee2318e8a09e19f06bb4eb 3904cb5178e4e73d7351d2f3e4ee4deb1cda2982 42c8d1b39ffc33732b979135a2ddc4f107eca592494e1a2d6263023641dda8b8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /codemirror/lib/codemirror.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "61fc3-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnTHMKtDUuSFF8%2Bry5Wh5E8LXXNZKBGafgwA72e35SRy2L7MDNrj4hHzkg5Cnz5gGahxvqw%2Fm8prpIdyobfucV1yxN8RsXOvcEuNdZimfv8hCkTiClaHyldg7gnqEvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a942b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 | 104.17.25.14 | 200 OK | 25 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 IP104.17.25.14:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 24948, version 772.256 Hash61f30b79daf5b31f0d254a31fba66158 fb363d27cfdfe71a243fa2ac3dab2815232b9b7e 8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 887120
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDieLI5jzbp%2FdpyUc5LTncJzBxfmyanvdfumMJUpZq1LxG2OjdfJusgxaewQJ5Q41Ykh%2F3VMKJDGkydI4IhctWmf6Ubrd49vd4iqXvm6A4Emq1qxBAwupfIbLv%2FOfl3HvXpsTTPx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7fc8e712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| u.paste.fo/script.js | 172.67.144.225 | 200 OK | 23 kB |
IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashe45554b9b7a5a5ba1222f39ee55e57e5 fe1d5b866fa86d4d8fb7d7400bb3b2e58211ea8d 891859bafdade42a11134cbe845111f6d23531c37db92feeb27be0a3d91fe1d7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /script.js HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 29 Mar 2024 16:49:26 GMT
etag: W/"977-18e8b1dc16f"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZEaKOUBnwgiQvf9h9nQqXmw%2B3WmNkFQC7F1yhtDzIDvC4vHcCkOJQcdMNaQReqAMSqMt8cUypoGmEqtMAHYttaVLKTTxmRaD4RqzplPajqZWg%2FOuKJCULhUJ7jq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9e975b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/svg/thumbs-up-regular.svg | 172.67.144.225 | 200 OK | 1.3 kB |
URL GET HTTP/3www.paste.fo/assets/svg/thumbs-up-regular.svg IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash16edbe83aaa9c8b1f0dae88e622e97cb 49c1e9c26f6db1c4c768e72dfbbf231a0e6fd237 3c1e8bd2dd9e8b3935c601e8bb4fc3f90ee85359acabded24b7f943b9fd1c65b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-up-regular.svg HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5d9-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYQYJqvjD7iX9R8ySC6hNKEMjO0RbmZdrabEWHlgbCf%2BT9ul3avcTDim0XAlKu04y9C%2FkCM%2FX8SPc%2BaNq7fbaHFemHtDhAd7ocH5WMVthB%2F3Tnu3sCPnIkvhQF1s3U0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c967b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | 142.250.74.163 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 IP142.250.74.163:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21528, version 1.0 Hash6113a25a586aeb6d0d3af5b5b652b973 25619eeae1fe17389310e4d392c427b7711dba44 539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:47:01 GMT
expires: Wed, 07 May 2025 10:47:01 GMT
cache-control: public, max-age=31536000
age: 306731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | 142.250.74.163 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 IP142.250.74.163:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21528, version 1.0 Hash6113a25a586aeb6d0d3af5b5b652b973 25619eeae1fe17389310e4d392c427b7711dba44 539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:47:01 GMT
expires: Wed, 07 May 2025 10:47:01 GMT
cache-control: public, max-age=31536000
age: 306731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.144.225 | 302 Found | 0 B |
URL GET HTTP/3www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 10 May 2024 23:59:12 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uk%2B8pxldiuLzQ15LlsNVJfkf1J4Cy1IA7%2FXQqZrD77ecIGuXJfMwSnmtwtt%2BC2ls4sv913TqYk%2B6DZRBnrDDcYCt%2FIKWyDMaV2FFGjTxVRV%2FcEpd6x3APS8v%2BX1dqQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b91a3eb515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/svg/thumbs-down-regular.svg | 172.67.144.225 | 200 OK | 111 kB |
URL GET HTTP/3www.paste.fo/assets/svg/thumbs-down-regular.svg IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size111 kB (110701 bytes) Hash474a2e020269034a296989b87f4c7833 5a4f05d10c284d86bd395bd1ee9ea783ce7aeea2 d978602a2ebecea81d86f2664b8919dbeaa3c3904513eec9e940b0e08b8f9c73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/thumbs-down-regular.svg HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5f1-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLCVcQOaSHtiim76N0djzbdU4IHTPkh0K9Z%2BbwE2Gz26RvKIMTCbLIxk%2FnurUEOfjFvf%2B7nnqJKSe4e093Mu%2BSzKVdmZiYU6ZxYR2Nt8RiqGgqlBfAkRfwNj1cM21NE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c968b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/img/bg1.gif | 172.67.144.225 | 200 OK | 25 kB |
URL GET HTTP/3www.paste.fo/assets/img/bg1.gif IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashdcab8f9443952c7589be3e4db6072853 824ca8c921eeca604844d3f00d08691631199201 a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/img/bg1.gif HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqNYz5XKjLmSC4f52WG6InejQrKgFoLxlgietW1wRvks7B2OhnTmwwmtGxuMatE68iPc0chVZguhHcHdouq4f411KxEm68XGOsKwKBzshcFrBBqV%2FH4dIAeazYruhFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b7998db515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/cdn-cgi/rum? | 172.67.144.225 | 204 No Content | 0 B |
URL POST HTTP/3www.paste.fo/cdn-cgi/rum? IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1052
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551; cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 23:59:15 GMT
access-control-allow-origin: https://www.paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 881de1cb1c7bb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| paste.fo/34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg | 172.67.144.225 | 200 OK | 8.1 MB |
URL GET HTTP/3paste.fo/34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 800 x 200 Size8.1 MB (8065033 bytes) Hash5a48b1279d915d1b844ceeda0212ba80 a702fb7f99a765fd6ba5fe6798ab2dfcb67d0021 0256536e816bf82884335ae611639bf19843101e50e5f5dca5616a313a6e62c8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Cookie: _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:14 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:14 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSjsOO2zvPhKsR1p6h7bGYeTJwwVOkaqQzbE01g3iKjv70L3reumCyoeVWtSAkitDFOd1r2WXeEdVdQpRE%2B14Jn7oie5hmF7js2qNCgX86LKE7EsGffa0J7e8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b79989b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| u.paste.fo/api/send | 172.67.144.225 | 204 No Content | 453 B |
IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (595), with no line terminators Hashf70c03fef8975c408d20180b3dccb7f1 5c8ab6e7cb24d401385597be0657aec71e2efc98 2619392ab6fcd249f881f0cd6548f968976425e4bd2f545b13adaf3c5b749eb6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paste.fo/
Content-Type: application/json
Content-Length: 272
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:16 GMT
content-type: text/plain
content-length: 453
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
etag: "17uqbtklcvugj-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BsK7nQAF2kW97B7PHlSWixtKXduHaFASnqTGBjFBrqaD6M4RWeIuaO5PXcG9vwHDBXmt3Z5cz1tcHRJ9HpsIVOfDiTDw2baMZfX1dyjaVD1t%2FSHqJgb3p%2BX5OYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1cf7ee0b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/cdn-cgi/rum? | 172.67.144.225 | 204 No Content | 0 B |
URL POST HTTP/3www.paste.fo/cdn-cgi/rum? IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 500
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551; cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 23:59:35 GMT
access-control-allow-origin: https://www.paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 881de24719a1b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html | 104.18.124.91 | 200 OK | 1.8 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html IP104.18.124.91:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1803), with no line terminators Hasha4b0cd73823c04eac73b745bac712a18 52a8be2d8367580c2aff2f27db4e4252489e1ad6 57d905cf66dbb89494f60aebd3925345e5458f77ac172f2e78fdd15480060eb6
GET /captcha/v1/18fa736/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b8fc3b56a2-OSL
content-encoding: br
|
|
| newassets.hcaptcha.com/c/f922a41/hsw.js | 104.18.124.91 | 200 OK | 470 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/f922a41/hsw.js IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size470 kB (469642 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 14 Jun 2024 23:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bd8f0a56a2-OSL
content-encoding: br
|
|
| www.paste.fo/648dec5e54e8 | 172.67.144.225 | 200 OK | 21 kB |
URL User Request GET HTTP/2www.paste.fo/648dec5e54e8 IP172.67.144.225:443
CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1494), with CRLF, LF line terminators Hash2ed7de65890a89617a944ed9c412a614 da8258ad1c6d68022a258721abc243205d8cd590 9004bc023a30ff43b9336d6f929b4ff735211f6360bf4b7c7e77d18c53b8f7ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /648dec5e54e8 HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; path=/
token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
sscore: 0.26516464471404
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cn5Z5EXo9wTlaG2cRajrq%2FKGL65nVpeIFjpCw6bNAr1jleKPuepDvXv8X1dYrk%2FmpHJBGx%2B4A7p9GHzDdBxo5tkH0plHzvJVa7g%2BuffCLezjbvr8GdhPmGHmYRL7VuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a56e535685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| paste.fo/D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg | 172.67.144.225 | 200 OK | 132 kB |
URL GET HTTP/3paste.fo/D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typePNG image data, 1600 x 400, 8-bit/color RGBA, non-interlaced Size132 kB (131769 bytes) Hashf716e4e045aacbe36a6e91af5a2af21e a80caa46ab519ad3a462579b376e72ef331e6088 69010ec5e296f83b162b7702b5aaab32bbcdcb0eabecdfa07277e16c266895b1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Cookie: _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/png
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:13 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFctOwGrQPcj8XRX9bVCcKe3Zwg7EM14J3S4MMyLeoWZAFVPUfTahJDCf8DUtSNSW1prukPRVt17DOF85f8gO6uV4p2qVu6KedexRu23i2asTsGU2vZpTsE20Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b7996eb515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html | 104.18.124.91 | 200 OK | 1.8 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html IP104.18.124.91:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1803), with no line terminators Hasha4b0cd73823c04eac73b745bac712a18 52a8be2d8367580c2aff2f27db4e4252489e1ad6 57d905cf66dbb89494f60aebd3925345e5458f77ac172f2e78fdd15480060eb6
GET /captcha/v1/18fa736/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b8fc3c56a2-OSL
content-encoding: br
|
|
| www.paste.fo/favicon.ico | 172.67.144.225 | 200 OK | 15 kB |
IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel Hashcf593ad6a070c546ba238d5172b52aa1 9bed079538917ab59999ea26e8becca1cec74af8 d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuNsRt1proeR9B3LooXbrajCOjQ2CIZJCL867jjlRuuDAAt9FHQMTPyLWoFNbox16GTcJwVbpgd1xjnF%2FkwoYsH4fS7QzuoMwuVcou8fZh1f0rRA23sVssKRQmEwf%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1badb27b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 IP104.17.25.14:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150124, version 772.256 Size150 kB (150124 bytes) Hashc64278386c2bbb5e293e11b94ca2f6d1 6b99aa650bd12a36caa14e0127435d8f4cd3ba73 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 191804
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaxKFwNFXWdROO2Npe2ZgcJiJyt7iavQF3rE2lV0h8y6kqXKl%2BZlB8aDvA1MjHcfmmOun17a2Auh9rwD8DO%2F7bPkkycbMygUsfLinZdqwbZ1uqK75kLDH%2BpI7vUbrO0wmalZwbuv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7be8cb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| newassets.hcaptcha.com/c/f922a41/hsw.js | 104.18.124.91 | 200 OK | 470 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/f922a41/hsw.js IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size470 kB (469642 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 14 Jun 2024 23:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bcae8356a2-OSL
content-encoding: br
|
|
| www.paste.fo/assets/svg/twitter.php | 172.67.144.225 | 200 OK | 1.1 kB |
URL GET HTTP/3www.paste.fo/assets/svg/twitter.php IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1064), with no line terminators Hash52ada42cb5438b7b0421018fd75f361e d5e00f0d91ac0e644fa97b585fa704764276830b 5814970c931c847c4acc7c25ce39b1f9abbed82f7642c2da34a93f895d875746
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/twitter.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8ZWzHbr%2Fn2FzMxas5D6KlocAdYOwPd5Z9bPuUTlhrrKGu2%2BEMaMfphwVjAEmKeqJf6PiIdCU2P4OCMgVsvErjvWtCHC%2FnUmZitJOap%2FVRq8wNpTnuQEyWHIW0MZDU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c96ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.144.225 | 200 OK | 1.2 kB |
URL GET HTTP/3www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WTyp4V%2BeXU1OXk5fqDz%2BnouCWZNxAPPrAFqSiPDbXNjvdwfMXd%2BMtIjwNcsqBhYUagCm9NnAcw2geqRq7s49mV%2FVCV%2BPF9lTUkuaBDhhRWe8y4JZNt1NSIwVeO2%2Fec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c96cb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 12 May 2024 23:59:10 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 40 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap IP142.250.74.106:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashfb9a01c247c59daca77d5e373217b0b1 df072c2f05f7e6884df927cf8b4d2144937b8cbe f6ce0c3fb43d72007637cf61a13dc4c6a0cb1111d2f457dc1386008f83fe13c3
GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 23:59:10 GMT
date: Fri, 10 May 2024 23:59:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js | 104.18.124.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387161 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/18fa736/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b9ecc256a2-OSL
content-encoding: br
|
|
| newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js | 104.18.124.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387161 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/18fa736/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b9dcbc56a2-OSL
content-encoding: br
|
|
| www.paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685 | 172.67.144.225 | 200 OK | 0 B |
URL POST HTTP/3www.paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685 IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685 HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12158
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg; Path=/; Expires=Sat, 10-May-25 23:59:13 GMT; Domain=.paste.fo; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHR2a2kuXFvsR%2FJ4WjiDEqHgH8RDxW6aftGt%2Fj%2BP9CXZVySnEhe3oCIsLK9nTvrcx68Ij6brNLA4vYyvjFuBAoqZh%2FY78zF36SOa%2FGCucvHy6cZf7OdOwdrfofagFjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1bacb21b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| js.hcaptcha.com/1/api.js | 104.18.124.91 | 200 OK | 387 kB |
IP104.18.124.91:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387161 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 881de1aa3eb756cc-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.paste.fo/assets/svg/email.php | 172.67.144.225 | 200 OK | 577 B |
URL GET HTTP/3www.paste.fo/assets/svg/email.php IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (586), with no line terminators Hash3f774fd678c6e100c4d914d9afc0dc8b bab6ac432d913ee0d99dae0a7caafcea559222bd e7f5c890c6acb9078887bbeab309ff5771782edac2444c647126072427cdc336
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/email.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zl3yRC5Ue7xotfzmLQJP4ZMew3jt9aBKDJOC%2F9pyEt7IEXUlM0L9h3ZgkRPJTJmvwxQFWH2Oy3n10CypDY1UF%2FIZNLg5VH6t2XlbQ8k0PMWXCnj11BqA1Cm1RHPjSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c96bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/assets/svg/discord.php | 172.67.144.225 | 200 OK | 1.6 kB |
URL GET HTTP/3www.paste.fo/assets/svg/discord.php IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeexported SGML document, ASCII text, with very long lines (1567), with no line terminators Hashf25e187801ad4549ff6d1f7923827d9e 682ad175492f0c7ca063eb8b29df8e5fb92ab3ce c4c482f2711284ca3fb68e15af960645b841af8880e7e86ea031ca86470c5e22
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/svg/discord.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GcfOhVrbVz2S5UUYMkClutJWw92uYOJv8mo%2BDr%2BmumWGYkE%2BZiHxQA1vpgKDdQ0e6qUCljHc9ie3QpckntTXxQREcB0xloFcV0fZVubwdD5NSPxZrNcPFUj%2F8YemXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c969b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js | 172.67.144.225 | 200 OK | 7.8 kB |
URL GET HTTP/3www.paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js IP172.67.144.225:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerCloudflare, Inc. Subjectpaste.fo Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22 ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7805), with no line terminators Hashb22f417a4a08fa31c87d691698489f5a cc0606ebc84089aa2acd21400d80eac512222d45 75a63cd9ddbaed06cec7af3186f295fc9a60c5110aa507f90eb1dac491a1cc62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5lC3YdPIykgmdlVB6beCMYNpj3Pje4xG9jwOCN%2FXWgjPK70sf4LgqgMq5SUHGZb1UKbN63Ag6NfPq3WFcEUa3o3G3vHFRCxlarywOyrk7%2BuEpDgwoiUK15MnxayATM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b97a74b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.79.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.79.73:443
Requested byhttps://www.paste.fo/648dec5e54e8 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com FingerprintCE:62:08:77:7A:C9:4F:2B:EB:19:EA:54:43:3D:9F:10:06:33:69:E8 ValidityWed, 08 May 2024 03:07:03 GMT - Tue, 06 Aug 2024 03:07:02 GMT
File typeJavaScript source, ASCII text, with very long lines (19189), with no line terminators Hash4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1aa6b0856a5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| api2.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 | 104.18.124.91 | 200 OK | 718 B |
URL POST HTTP/3api2.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (734), with no line terminators Hash3c2e649b869ffda6d2875f54a020e40c 2562f42af630792e0b33e67a72de94d3dd1ed6d1 666edee9752e6485aa559edbc28c0e7cf130df825143082faa48e88e1a56cd8a
POST /checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCzPBNFXSyDwK; SameSite=None; Secure; path=/; expires=Sat, 11-May-24 00:29:13 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bc4e5756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 | 104.18.124.91 | 200 OK | 718 B |
URL POST HTTP/3api.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 IP104.18.124.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (734), with no line terminators Hash0699ae23129c4e42f585982f50766d8a 56cc7c1ec854272aec702af745ed09b653b23b73 d99c877d7cb94964c32c3c671e403b89549800700dd99a6c04f2ee80440df36d
POST /checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bc3e4d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|