Report - www.paste.fo/648dec5e54e8

Report Overview

Submitted URL
www.paste.fo/648dec5e54e8
IP
104.21.28.76
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-11 00:12:39
Access
public
Website Title
[MEGA] #8 BEAUTIFUL STATEWINS TEEN EVIE MCCLEAN | paste.fo
Final URL
www.paste.fo/648dec5e54e8
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	unknown	No data	No data	2.5 kB	335 kB	104.17.25.14
paste.fo	unknown	unknown	No data	No data	1.6 kB	8.2 MB	172.67.144.225
fonts.googleapis.com	8877	unknown	No data	No data	554 B	41 kB	142.250.74.106
js.hcaptcha.com	23463	unknown	No data	No data	397 B	388 kB	104.18.124.91
static.cloudflareinsights.com	1294	unknown	No data	No data	490 B	20 kB	104.16.79.73
api2.hcaptcha.com	unknown	unknown	No data	No data	601 B	1.5 kB	104.18.124.91
www.paste.fo	unknown	unknown	No data	No data	17 kB	556 kB	172.67.144.225
www.googletagmanager.com	75	unknown	No data	No data	419 B	96 kB	142.250.74.168
u.paste.fo	unknown	unknown	No data	No data	887 B	25 kB	172.67.144.225
fonts.gstatic.com	unknown	unknown	No data	No data	1.1 kB	45 kB	142.250.74.163
newassets.hcaptcha.com	11055	unknown	No data	No data	3.0 kB	1.7 MB	104.18.124.91
api.hcaptcha.com	63834	unknown	No data	No data	600 B	1.3 kB	104.18.124.91

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed
2024-05-10	medium	paste.fo	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	unknown	48 B	2023-04-11	2024-06-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45:29 Last Seen2024-06-04 06:11:36 Times Seen20081 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

	www.paste.fo/codemirror/mode/php/php.js	18 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/php/php.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen198 Hash f2f1668dbc8a4b0fd9f031dceda0e4ab 31d6961d6d4cbe7bf5deb2f0b5ba099c49e5c962 07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945 Loading...

	www.paste.fo/648dec5e54e8	153 B	2023-03-08	2024-05-31
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-05-31 03:09:09 Times Seen1024 Hash 2bc0082aba5a35e515758023fa651be0 a8db1112fc735be0d64a64e864a52131f7eaf878 75367336210d6cc8328fad7ddbdcf9afaceae3dae97c2a2e6b95a6ae82d8bc1f Loading...

	www.paste.fo/codemirror/mode/sql/sql.js	60 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/sql/sql.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen187 Hash b48a3934b20b392ae812b17df05355f4 40d1a558afba1f5043b23131e496de37d8e2dfb4 ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a Loading...

	www.paste.fo/648dec5e54e8	220 B	2023-03-08	2024-05-31
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-05-31 03:09:09 Times Seen821 Hash 3db1e9a5b3900e6e537c9a3c37c3a710 ad5a93d1d63c4147ccea4e92c31e76ac33e48fa2 009775e1b19c7979e577f9eacfb2da159c57074b82eb7985b4fb0e31c28133f2 Loading...

	newassets.hcaptcha.com/c/f922a41/hsw.js	470 kB	2024-05-03	2024-05-14
Pretty URL newassets.hcaptcha.com/c/f922a41/hsw.js IP 104.18.124.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 01:29:42 Last Seen2024-05-14 03:33:19 Times Seen288 Hash a015c3f04def6c02f6d3a815ff97f100 2322366db22def41a31f2dae0a2133ad75e6d1ac 42d9a4011ac36ae483e8e3cb4bb2b3829b96bf366bbc1c0e2ab40d4d7deb9240 Loading...

	www.paste.fo/648dec5e54e8	733 B	2024-05-11	2024-05-11
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash 982942675f02ee8811dcc9d612c4e3f3 225ee1c5c37c2fb1a28681a37f923da0fb63f194 fdca48689cb2edd27212ad91c2c196b9f2836ae7385816758943b05027689f7a Loading...

	unknown	247 B	2024-05-11	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash f2eb953f5cfd632f31c4bf9889d04609 7d732ba9d3a9575cd5158f98a2d178283a363c6b 61b9d49a66d051a6612364d78701b70d578b3d5cfad89fb01f8b5926bbf202f6 Loading...

	www.paste.fo/codemirror/lib/codemirror.js	401 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/lib/codemirror.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen109 Hash 819ea032bd1e81457ff348bee2a86533 095dfcbeebb24f9a38d6558291fd0af8925321b0 8beb242c41927656e634cda1db88a72aac40b18bc887e831efd2e842db123453 Loading...

	www.paste.fo/codemirror/mode/xml/xml.js	13 kB	2023-06-07	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/xml/xml.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 17:23:47 Last Seen2024-05-27 02:40:25 Times Seen220 Hash c93fe254ef100aeb5c9dfcda4c91d27f 510c71566cf81560cb5bd1bb25287ed6502dde75 dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09 Loading...

	www.paste.fo/codemirror/mode/python/python.js	15 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/python/python.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen190 Hash 9b50648e6f546e4f63f1a8eb25adb039 b178c4d31cc4eeefe58e97a60723d47af96b79ed ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657 Loading...

	www.paste.fo/assets/js/hyperlink.js	2.1 kB	2023-09-23	2024-05-27
Pretty URL www.paste.fo/assets/js/hyperlink.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 10:02:54 Last Seen2024-05-27 02:40:25 Times Seen131 Hash ba0e0718fee58342be83dfed7bda8edb 49818b20c4f336539511a53e8be75af974e2b51d 0a2f95982e87502748a39dcbe0a1c52c3cd56bbc834365f8af88b8718adb1169 Loading...

	www.paste.fo/codemirror/mode/clike/clike.js	37 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/clike/clike.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen188 Hash 145b41ea6cde47e8889ef8b2214eecde d0ae7cc4040a57a76b86265f492f87e251d1cc9d a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2 Loading...

	www.paste.fo/648dec5e54e8	39 B	2024-04-15	2024-05-12
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 20:17:02 Last Seen2024-05-12 06:00:12 Times Seen8 Hash d9086cc1c148207c5e7bcccd184bcfd2 c52388228d650133d990b99c27f73e41f27b60f1 637c7335f852767801bd523617ed2f5532879d89b613774e6241ef9e357f82ed Loading...

	www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-11	2024-05-11
Pretty URL www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:01 Times Seen2 Hash b22f417a4a08fa31c87d691698489f5a cc0606ebc84089aa2acd21400d80eac512222d45 75a63cd9ddbaed06cec7af3186f295fc9a60c5110aa507f90eb1dac491a1cc62 Loading...

	newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js	387 kB	2024-05-07	2024-05-13
Pretty URL newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js IP 104.18.124.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 21:01:15 Last Seen2024-05-13 11:03:32 Times Seen269 Hash 4d80931f436a73b647471384c48e1604 ae59d307aa2d23a6bf38ba532bae9cbd67c5a3e9 d196d722737dff0be8bdbf3dbd35e00b8af3437be8424e83abc1cfb5b5983e64 Loading...

	www.paste.fo/648dec5e54e8	734 B	2024-05-11	2024-05-11
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash 727c21835d890d075337194f194e3f5b a2936c01216a9c9a3185708656022374825c2ab3 ad90b460b3195865cffea805f43a5d10e63aea071f5deef2656970ec6b187d49 Loading...

	www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js	5.7 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen152 Hash 4c5a6f44d738b718d1f6164c1c8d6904 a4f9c3552740fb908e14fb0f47832d10a3f535d6 fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-06-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-06-04 06:49:00 Times Seen279701 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.paste.fo/648dec5e54e8	696 B	2024-05-11	2024-05-11
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash 021e0fe2d6eb8a101031d0ac887954aa 261034c48f3bbea0beaf70c81d584c545577826f 35811e2789365291652e9758f50e556bc3b0417d3dbfc79480110cf7a1ffb27d Loading...

	u.paste.fo/script.js	2.4 kB	2024-02-20	2024-05-31
Pretty URL u.paste.fo/script.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-20 04:21:10 Last Seen2024-05-31 03:09:09 Times Seen1017 Hash 8285978df55a18d7ba03a3106d4b28d2 3c69c6b6715afaca3b655fa3ea18e6c447a0956e 56e70678cbf7e8c157c423bac4d2872f3b384a1784f43b1126ae5e59fd45d144 Loading...

	www.paste.fo/codemirror/mode/javascript/javascript.js	39 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/javascript/javascript.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen185 Hash 178dfcd5f64c97da22a3d3a62713b7a9 969b4a80be53b334612b44a0cc6ef57cfe171a26 21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e Loading...

	www.paste.fo/codemirror/mode/css/css.js	40 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/css/css.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen198 Hash 3675078ada8a185a353a6560bda2d5ac 1045cdc88a58fb002511eb21db184ed242730f05 60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32 Loading...

	www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-06-04
Pretty URL www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-06-04 06:47:45 Times Seen59782 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3	277 kB	2024-05-11	2024-05-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:01 Times Seen2 Hash a20a4584199901782b634801099e38b8 c2754cbe436c382e6bd2c3f1328c63a4d7f14775 1852a42e689dde570fee414c02c82a64cce6c25769855497c2f552b8203b90f8 Loading...

	www.paste.fo/codemirror/mode/shell/shell.js	5.4 kB	2023-03-26	2024-05-27
Pretty URL www.paste.fo/codemirror/mode/shell/shell.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:55:40 Last Seen2024-05-27 02:40:25 Times Seen141 Hash ab0fc779b5fb9bdc1310a28d7dccd379 ece7e7661886871cc46ef71248c67ea53a61ac7d 24f77cb162ea9d9e9fc79b95ba547a7cc10a0767e3a5a52c786d4c24253736fe Loading...

	www.paste.fo/648dec5e54e8	573 B	2024-05-11	2024-05-11
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash 3709e7fb3f914121abb8abd85fe7e5cc 7311f82ccb96799759547cf8ba5e96594615c9c6 e5caf71ed784b6b5aca637c5136bd3b02374998444766f080a422399313144bb Loading...

	static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387	19 kB	2024-04-24	2024-05-30
Pretty URL static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-30 21:35:59 Times Seen2854 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js	43 kB	2023-03-08	2024-05-31
Pretty URL www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:02 Last Seen2024-05-31 03:09:09 Times Seen2061 Hash f15be88a3c9bf40debcc080b125c7e91 4a636976285768dd43278f43d63ba5779f3f493d 8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910 Loading...

	www.paste.fo/648dec5e54e8	362 B	2023-03-08	2024-05-31
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:42:02 Last Seen2024-05-31 03:09:09 Times Seen797 Hash cc410e71e4e11ef150fc0b841e53a779 40fe8f68130bf0d500f779f7be6504a90d0b670e b2eeea9c303e9ed86aad00cf3f5224a2bcb03dbec9db3139d1b1c267b27457cf Loading...

	www.paste.fo/648dec5e54e8	1.1 kB	2024-05-11	2024-05-11
Pretty URL www.paste.fo/648dec5e54e8 IP 172.67.144.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 02:13:00 Last Seen2024-05-11 02:13:00 Times Seen1 Hash 4e577b95309617771b9b802738f97d26 c6e512aa4ea80edd25bb74fd85a9f64adc312c09 84e916dc2de9d480b5ab8dc254f64792ebca588dde83a8e84b07f1f20a7ca14c Loading...

HTTP Transactions (57)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

104.17.25.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52276)
Size
19 kB (18752 bytes)
Hash
ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 257513
expires: Wed, 30 Apr 2025 23:59:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZrxYDeH0h66lssX4SRCufIqqYPeqXaPvJfbcqRMu4sC7Yyhry1zjAZyXcwelXy6%2FG5owTanabXSHgTXESeaFVkY0YSYeQ1ZgIFgympojm8UxFybEfzufIMzSdYTPQMCnfAsxKsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1a9ebedb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 193192
expires: Wed, 30 Apr 2025 23:59:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idREVTT7Xr4suJ4gVxNQsGr4%2BfWZGjNP%2Ft%2BZrUh8W69ad0mJPgooHSY9XrtO5QA7%2FEQ6sbEmZbmn1tM98Ih4JnKC1dP622QpPhz0p6lp0kjBa1om1XOgXbZxkreHtpuut6rpUzDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1a9fbf5b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.paste.fo/assets/css/style.css

172.67.144.225

200 OK

2.9 kB

URL GET HTTP/3
www.paste.fo/assets/css/style.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (608)
Size
2.9 kB (2945 bytes)
Hash
5bda15770898ea87eac893ece623fe83
a1c6f0ef8c7fb26f5684c65c34991ce0ed9bcc9e
ac1f84e3b1d61d9a2599e9db20014bce4788930bf643ce8442ac322304e31b9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 2945
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3d56-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzSlNTFysmYBQWIWhUbzpApwA9FpxmEykzbf1BTSWa8Z4vy0VO22irmJ0nYPDmtzLUmJ04xlGa4BelLTmrgQv68opuy4dHZ0QnAHfjYCbW%2FVrOfoC%2BqNIcYXAYUbsiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98932b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/css/user.css

172.67.144.225

200 OK

941 B

URL GET HTTP/3
www.paste.fo/assets/css/user.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
941 B (941 bytes)
Hash
c420f8c0d2fbc3010e041f515c1ef59e
44190da29eef1a77bb22e1dbe82fc3876bd82bf3
eb3cd892b3a87282ebe62659665d01374bdec118322689b8f60f5c6e3994473c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/user.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 941
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1b8d-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7bZyui3oTDBaFHazU1vAT%2BVNKjKXP38F1OMp7alFFtUiQ1423NtMAYggFKUrvtQupXZHbAy0pjaf6Mg3MySdDaXM591Imovhw6Vdf%2F83ziagv5HErTp6vRauThaOPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98934b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/css/cio.css

172.67.144.225

200 OK

590 B

URL GET HTTP/3
www.paste.fo/assets/css/cio.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
590 B (590 bytes)
Hash
495978f1df765f0993859afcf8490189
5ef8a4b916f6d464c755881fe251859a5a842c67
c03d3189c28dc88b8042d27b55e75cf0872d9c7e8ef4244608b6da9319ebef42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/cio.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 590
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "675-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gn4fcNEIeAOG0Z2bj%2F7unBzy8Xy5LESQQl5EtuyqzKPkGwNvvpGf%2BEciD7QrUWevF29iqR%2FjYIYVza5Yb5s4BS7wsj3ooje46R%2BR9j2qy2%2BmnOlABvbOCxJojOawHDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98936b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/node_modules/@sweetalert2/theme-dark/dark.css

172.67.144.225

200 OK

4.6 kB

URL GET HTTP/3
www.paste.fo/node_modules/@sweetalert2/theme-dark/dark.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
4.6 kB (4631 bytes)
Hash
00008b67e39ee270e57f03f4fcad4dac
04f3bb1e6464faf302f91ee5e42a94447ad916b9
c6842d1ae92847b8e8cf3283cab162e737127a8fda2e35e628c8994654266d8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /node_modules/@sweetalert2/theme-dark/dark.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 4631
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "7542-614ce4ab9ead1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbfjF4sMxJQhRB8NjXA2cMH67lLU%2B%2FOYsjofL0SGrsq0lu8nTQcwv4xXLzvvQJKvWPhGdOC8qALsGVBcy9cuLIk55DKlxN8SgmPz2lkzUQ1y7ATAmZU7fo5hwzZDy30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98937b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js

172.67.144.225

200 OK

14 kB

URL GET HTTP/3
www.paste.fo/node_modules/sweetalert2/dist/sweetalert2.min.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42951), with no line terminators
Size
14 kB (13750 bytes)
Hash
f15be88a3c9bf40debcc080b125c7e91
4a636976285768dd43278f43d63ba5779f3f493d
8c80ad67878fb50120f124f112bf665e7804452332970d3279b571b13a26d910

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /node_modules/sweetalert2/dist/sweetalert2.min.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
content-length: 13750
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "a7c7-614ce4ab9fa71-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOSlJ%2BgvP5xtWu3SuaJyetuRa%2Btwl1%2FxDaCdyPeaAwTrFzJl5ihto8y2qltvNkSuF4fDmA6gmI7OpMRIoShoCv6VPi%2BGeLDYsX7PSThPLzffhvMWmjAxF27Ax1PL1P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98938b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/css/responsive.css

172.67.144.225

200 OK

1.1 kB

URL GET HTTP/3
www.paste.fo/assets/css/responsive.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1071 bytes)
Hash
22fc29bb5c27ad0db110e5543e6b7232
7663bc5332499a406f6ccc8313e47a5b83bc4f9c
c07c4e9ba0066790dd16a586736367d28d7f7100ff51e65d2f116b221e292931

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/responsive.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 1071
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1d58-614ce4abcf80d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NakYIBLX5sXcys3KFwo0sbVWL9R%2BWvhgS29tjZeNXamLrxGEqL6UJmWH7u1ko6NKD9ntg%2Ft9NhxJqsZdNX9nGydTGeoqk2o4r%2BC%2BiiT56eQfnL%2Bi6DYBI58IBMMzxvc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a98935b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/theme/material-palenight.css

172.67.144.225

200 OK

687 B

URL GET HTTP/3
www.paste.fo/codemirror/theme/material-palenight.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
687 B (687 bytes)
Hash
20fe4507567c6e9d584b62d4ce7fac60
ada80ccc0fb078c0d41902a99b0942f4ba0d49a9
9c4e88299e96411626c8f596b3b4f49e5e055a5f8be0fc3fcfeb9ba1c69dcbc0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/theme/material-palenight.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/css
content-length: 687
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "b99-614ce4aba19b0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gj6AbTk30L3oWLi8ujRmVGY6alLBmNBFUD8xn6QZvrAjcVy4PTwdaKvR0Lwu4uzQs2jnsdD2DHib0Lbpp2CiXgoXw0JKaTGSmaEFJ%2BcE%2FUrGgfwUJAj4CktyI%2FNJmy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a940b515-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3

142.250.74.168

200 OK

95 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-HKXR34F8P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4242)
Size
95 kB (95204 bytes)
Hash
a20a4584199901782b634801099e38b8
c2754cbe436c382e6bd2c3f1328c63a4d7f14775
1852a42e689dde570fee414c02c82a64cce6c25769855497c2f552b8203b90f8

HTTP Headers

GET /gtag/js?id=G-HKXR34F8P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 23:59:10 GMT
expires: Fri, 10 May 2024 23:59:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.paste.fo/codemirror/mode/xml/xml.js

172.67.144.225

200 OK

3.3 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/xml/xml.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
3.3 kB (3332 bytes)
Hash
c93fe254ef100aeb5c9dfcda4c91d27f
510c71566cf81560cb5bd1bb25287ed6502dde75
dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/xml/xml.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 3332
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3429-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obmpo%2FGa2yQ4fLfsKGsOOVYyvfRCWhB1BuZWbrYzT3AUmImXn4Z7e4G%2B7tK1Nxs8sd22HybfUjFFnW2wh7vb%2FAK6EN%2BwE%2FskLeHkEdGyZIX3%2FSKZTmi%2B82NCZSz8uR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a943b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/lib/codemirror.css

172.67.144.225

200 OK

2.5 kB

URL GET HTTP/3
www.paste.fo/codemirror/lib/codemirror.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
2.5 kB (2510 bytes)
Hash
ce804ae97aeaad9428a30a79b5990e94
97f897fa26502521f0d3348fb69e222346567046
eb494ea972d2661ef86f7f6ac656dd6786d721e49c9c1b46e1eb967e4b6f9bf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/lib/codemirror.css HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: text/css
content-length: 2510
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "2210-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM7VdcyLJnBRei91BB3s5Iqx29O3jPSkNKWO1tnQ%2BS3rc7fZIKoNhU06Mg2TGW6TGXrkLeMdW%2FtedVNiFvZJCZlK34Qqnbab4U8flatHZlhEV2zVEYbJij0BLq5dl7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9993eb515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/css/css.js

172.67.144.225

200 OK

10 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/css/css.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
10 kB (10006 bytes)
Hash
3675078ada8a185a353a6560bda2d5ac
1045cdc88a58fb002511eb21db184ed242730f05
60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/css/css.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 10006
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "9e2c-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvTCi2HYhIN0W4LRD49n%2B%2FbTGKZl9Ome9TMeH8l2J%2BfU42iCYjBniahKrbg0cus7f3S8gCCLDVtHlbQm%2F4De%2BC1bKLhYr3YIjYr%2B96goLFLWqRW7KvFNaLX8GVL%2BksY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a94ab515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/javascript/javascript.js

172.67.144.225

200 OK

8.6 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/javascript/javascript.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
8.6 kB (8647 bytes)
Hash
178dfcd5f64c97da22a3d3a62713b7a9
969b4a80be53b334612b44a0cc6ef57cfe171a26
21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/javascript/javascript.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 8647
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "97ec-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLC6BIO0WtjzwPqw2foGMOGggkgCdvQlZ1hrb76TerjkavtwkSsIz0G6PXR0pHfMS9yxkPQ6zk%2BPvTTpY69siJ8Qm5H8L12O7nGz%2F5g497dk8isEU0Xn1uG19HGs%2BVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a945b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/sql/sql.js

172.67.144.225

200 OK

17 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/sql/sql.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7061)
Size
17 kB (16832 bytes)
Hash
b48a3934b20b392ae812b17df05355f4
40d1a558afba1f5043b23131e496de37d8e2dfb4
ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/sql/sql.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 16832
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "e892-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jQvgNLIgR0bkgXI7YDjIDCz%2B6y5f4HVuFDcmvZH5kRQutMPxinjhr8euyRAfuoG4lSx5gL6B7nfXFbgPQf3CJvmw5NxQREcTmJuTV1XcO%2Fbwd8TYfMsrbTEMsk0EVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a94db515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/python/python.js

172.67.144.225

200 OK

4.1 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/python/python.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
4.1 kB (4073 bytes)
Hash
9b50648e6f546e4f63f1a8eb25adb039
b178c4d31cc4eeefe58e97a60723d47af96b79ed
ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/python/python.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 4073
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "3a4e-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWt1vEfYeX41404NxNx8u%2BBBvWdohQzP6DbbXJdl%2B1j7xj9H3isl%2BKGMeg7euC62QRDIT7dgCSYLoo7QO7fhqXIQ%2FVX5qRvhTqyEpsjYnMZVxXywBK8fdnupGCuRDW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b957b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/clike/clike.js

172.67.144.225

200 OK

9.7 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/clike/clike.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
9.7 kB (9686 bytes)
Hash
145b41ea6cde47e8889ef8b2214eecde
d0ae7cc4040a57a76b86265f492f87e251d1cc9d
a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/clike/clike.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 9686
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "916f-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxQC2QfFMBE9ESs%2BYRhUlkC24W%2FMKRwIPCatADswEJEUnScEWoz7f8UX70SivjgXiLR8jzlOdSHiL5yeMfYxGgOddnrOBBhRjGI376t0jL5uYg7Kes3hlpOCsyuc1HI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b960b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/shell/shell.js

172.67.144.225

200 OK

1.9 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/shell/shell.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.9 kB (1868 bytes)
Hash
ab0fc779b5fb9bdc1310a28d7dccd379
ece7e7661886871cc46ef71248c67ea53a61ac7d
24f77cb162ea9d9e9fc79b95ba547a7cc10a0767e3a5a52c786d4c24253736fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/shell/shell.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 1868
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1507-614ce4aba2950-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGUuUnVvcaiu9wKHREas0alBuCBaJzVEg4cTEUBpadZfCCLInFb2ZyvF1uq0tvciqRrhPsYYFr6Edu2gR3nRzh01s0%2Bn2oSLwvJLJR60rZqMX%2F0MxHNyMX%2FHl2442B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9b95fb515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/js/hyperlink.js

172.67.144.225

200 OK

983 B

URL GET HTTP/3
www.paste.fo/assets/js/hyperlink.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (472)
Size
983 B (983 bytes)
Hash
ba0e0718fee58342be83dfed7bda8edb
49818b20c4f336539511a53e8be75af974e2b51d
0a2f95982e87502748a39dcbe0a1c52c3cd56bbc834365f8af88b8718adb1169

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/hyperlink.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 983
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "80c-614ce4abce86d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEqLyPHuy27VKdvhNqqs7wXMG02K4RoW0V36aWy2SIPaeypZ2TENckbvbWYHVvZq92JzWJxX%2FVH%2FyVCLZ%2B0OSxWErcwCHLqwtcQmUrxoa3e5ZexduklGYESrmGzkAbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c966b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js

172.67.144.225

200 OK

1.9 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/htmlmixed/htmlmixed.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.9 kB (1862 bytes)
Hash
4c5a6f44d738b718d1f6164c1c8d6904
a4f9c3552740fb908e14fb0f47832d10a3f535d6
fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/htmlmixed/htmlmixed.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
content-length: 1862
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "1638-614ce4aba4890-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwKhmNkBrwWM7qIP8i0yPhlfuAAcUt52LlXJUPRitRTLeGS1VQ6wUJjpXxWn4wcaFImZsHpnJeLWLiqsB%2FNI4CTR5faHdAsZ4qeWwQPDbNc5itJJVQGbVRmTtp4VJBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c965b515-OSL
alt-svc: h3=":443"; ma=86400

paste.fo/CSSp21fa32.css

172.67.144.225

200 OK

140 B

URL GET HTTP/3
paste.fo/CSSp21fa32.css
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
140 B (140 bytes)
Hash
1557f9af49b3d02f13c860c99306583a
cbccabf80d365d6f49796033d032dab388f3d829
32f30d1ecc771515f3e214f2d3434d5c6a96d70abc729b8aca46f2c763474da6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /CSSp21fa32.css HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/css;charset=UTF-8
content-length: 140
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:12 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSe6iEdqbY1NAbujK9JVWZzq7AU2bwtX16zNrKEiGwoxyhXKxEtrjuwyxX14ZHUBirZ9Gs9MGj1g%2BoYB6eXyp0VWBgKjyBnTBEQ3Z4QZQ8PvCkI8CfbBP8LBuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1aa39c2b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/codemirror/mode/php/php.js

172.67.144.225

200 OK

6.0 kB

URL GET HTTP/3
www.paste.fo/codemirror/mode/php/php.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (9306)
Size
6.0 kB (6013 bytes)
Hash
f2f1668dbc8a4b0fd9f031dceda0e4ab
31d6961d6d4cbe7bf5deb2f0b5ba099c49e5c962
07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/mode/php/php.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
content-length: 6013
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "47a3-614ce4aba5830-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSnXYZYIfhr3lTe1V5Wh9%2Bt8MWO2JHKkDUV2GwnLVKlQpQt2yIxN%2F7mi45jCqvS7n5zY7bkhDWCqKNzJ%2BPrzn6QxZ5ntoF1rw6fO6TcggEnMl%2BGPMczeaNr2bYt2jdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a950b515-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

108 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 108020, version 772.256
Size
108 kB (108020 bytes)
Hash
8b0ddedbb27cbc9971c8667caa8a0cc1
4350f9ba93384634faf35f41c503c99c767f1069
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 108020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-1a5f4"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 195887
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKKqLqMAGzRk4QWSiKBVza3A5JcRi%2BBioiq4Ojv%2F9XVLzukR9aWLEJZj%2B6B6WKwF9Bv4lA%2FK3ZZk4GOjlhFbqDrTaQQThXZtnXwTvAkzWafEF7QhrrSMUHjP6EqtNaEkPv8Ox36Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7ae86b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.paste.fo/codemirror/lib/codemirror.js

172.67.144.225

200 OK

257 kB

URL GET HTTP/3
www.paste.fo/codemirror/lib/codemirror.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
257 kB (256824 bytes)
Hash
55cb3c9501ee2318e8a09e19f06bb4eb
3904cb5178e4e73d7351d2f3e4ee4deb1cda2982
42c8d1b39ffc33732b979135a2ddc4f107eca592494e1a2d6263023641dda8b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /codemirror/lib/codemirror.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "61fc3-614ce4aba67d0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnTHMKtDUuSFF8%2Bry5Wh5E8LXXNZKBGafgwA72e35SRy2L7MDNrj4hHzkg5Cnz5gGahxvqw%2Fm8prpIdyobfucV1yxN8RsXOvcEuNdZimfv8hCkTiClaHyldg7gnqEvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9a942b515-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2

104.17.25.14

200 OK

25 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Size
25 kB (24948 bytes)
Hash
61f30b79daf5b31f0d254a31fba66158
fb363d27cfdfe71a243fa2ac3dab2815232b9b7e
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 887120
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDieLI5jzbp%2FdpyUc5LTncJzBxfmyanvdfumMJUpZq1LxG2OjdfJusgxaewQJ5Q41Ykh%2F3VMKJDGkydI4IhctWmf6Ubrd49vd4iqXvm6A4Emq1qxBAwupfIbLv%2FOfl3HvXpsTTPx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7fc8e712e-OSL
alt-svc: h3=":443"; ma=86400

u.paste.fo/script.js

172.67.144.225

200 OK

23 kB

URL GET HTTP/3
u.paste.fo/script.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
23 kB (22894 bytes)
Hash
e45554b9b7a5a5ba1222f39ee55e57e5
fe1d5b866fa86d4d8fb7d7400bb3b2e58211ea8d
891859bafdade42a11134cbe845111f6d23531c37db92feeb27be0a3d91fe1d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script.js HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 29 Mar 2024 16:49:26 GMT
etag: W/"977-18e8b1dc16f"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZEaKOUBnwgiQvf9h9nQqXmw%2B3WmNkFQC7F1yhtDzIDvC4vHcCkOJQcdMNaQReqAMSqMt8cUypoGmEqtMAHYttaVLKTTxmRaD4RqzplPajqZWg%2FOuKJCULhUJ7jq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9e975b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/svg/thumbs-up-regular.svg

172.67.144.225

200 OK

1.3 kB

URL GET HTTP/3
www.paste.fo/assets/svg/thumbs-up-regular.svg
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1284 bytes)
Hash
16edbe83aaa9c8b1f0dae88e622e97cb
49c1e9c26f6db1c4c768e72dfbbf231a0e6fd237
3c1e8bd2dd9e8b3935c601e8bb4fc3f90ee85359acabded24b7f943b9fd1c65b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/thumbs-up-regular.svg HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5d9-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYQYJqvjD7iX9R8ySC6hNKEMjO0RbmZdrabEWHlgbCf%2BT9ul3avcTDim0XAlKu04y9C%2FkCM%2FX8SPc%2BaNq7fbaHFemHtDhAd7ocH5WMVthB%2F3Tnu3sCPnIkvhQF1s3U0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c967b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.163

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:47:01 GMT
expires: Wed, 07 May 2025 10:47:01 GMT
cache-control: public, max-age=31536000
age: 306731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.163

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:47:01 GMT
expires: Wed, 07 May 2025 10:47:01 GMT
cache-control: public, max-age=31536000
age: 306731
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.144.225

302 Found

0 B

URL GET HTTP/3
www.paste.fo/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 23:59:12 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uk%2B8pxldiuLzQ15LlsNVJfkf1J4Cy1IA7%2FXQqZrD77ecIGuXJfMwSnmtwtt%2BC2ls4sv913TqYk%2B6DZRBnrDDcYCt%2FIKWyDMaV2FFGjTxVRV%2FcEpd6x3APS8v%2BX1dqQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b91a3eb515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/svg/thumbs-down-regular.svg

172.67.144.225

200 OK

111 kB

URL GET HTTP/3
www.paste.fo/assets/svg/thumbs-down-regular.svg
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
111 kB (110701 bytes)
Hash
474a2e020269034a296989b87f4c7833
5a4f05d10c284d86bd395bd1ee9ea783ce7aeea2
d978602a2ebecea81d86f2664b8919dbeaa3c3904513eec9e940b0e08b8f9c73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/thumbs-down-regular.svg HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"5f1-614ce4abcb98d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLCVcQOaSHtiim76N0djzbdU4IHTPkh0K9Z%2BbwE2Gz26RvKIMTCbLIxk%2FnurUEOfjFvf%2B7nnqJKSe4e093Mu%2BSzKVdmZiYU6ZxYR2Nt8RiqGgqlBfAkRfwNj1cM21NE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c968b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/img/bg1.gif

172.67.144.225

200 OK

25 kB

URL GET HTTP/3
www.paste.fo/assets/img/bg1.gif
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (24898 bytes)
Hash
dcab8f9443952c7589be3e4db6072853
824ca8c921eeca604844d3f00d08691631199201
a1a2a8e83029575fa6afde2c7b946fd3d98407fccf673c587aac398cd2fc8cef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/bg1.gif HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/gif
content-length: 24898
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: "6142-614ce4abce86d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqNYz5XKjLmSC4f52WG6InejQrKgFoLxlgietW1wRvks7B2OhnTmwwmtGxuMatE68iPc0chVZguhHcHdouq4f411KxEm68XGOsKwKBzshcFrBBqV%2FH4dIAeazYruhFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b7998db515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/cdn-cgi/rum?

172.67.144.225

204 No Content

0 B

URL POST HTTP/3
www.paste.fo/cdn-cgi/rum?
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1052
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551; cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 10 May 2024 23:59:15 GMT
access-control-allow-origin: https://www.paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 881de1cb1c7bb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff

paste.fo/34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg

172.67.144.225

200 OK

8.1 MB

URL GET HTTP/3
paste.fo/34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 800 x 200
Size
8.1 MB (8065033 bytes)
Hash
5a48b1279d915d1b844ceeda0212ba80
a702fb7f99a765fd6ba5fe6798ab2dfcb67d0021
0256536e816bf82884335ae611639bf19843101e50e5f5dca5616a313a6e62c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /34F158BCMC514C434515031B4D5C480B56571F535EAM17556C34597A7A5E4C6600404B505050.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Cookie: _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:14 GMT
content-type: image/gif
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:14 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSjsOO2zvPhKsR1p6h7bGYeTJwwVOkaqQzbE01g3iKjv70L3reumCyoeVWtSAkitDFOd1r2WXeEdVdQpRE%2B14Jn7oie5hmF7js2qNCgX86LKE7EsGffa0J7e8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b79989b515-OSL
alt-svc: h3=":443"; ma=86400

u.paste.fo/api/send

172.67.144.225

204 No Content

453 B

URL OPTIONS HTTP/3
u.paste.fo/api/send
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (595), with no line terminators
Size
453 B (453 bytes)
Hash
f70c03fef8975c408d20180b3dccb7f1
5c8ab6e7cb24d401385597be0657aec71e2efc98
2619392ab6fcd249f881f0cd6548f968976425e4bd2f545b13adaf3c5b749eb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/send HTTP/1.1
Host: u.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paste.fo/
Content-Type: application/json
Content-Length: 272
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:16 GMT
content-type: text/plain
content-length: 453
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
access-control-allow-origin: *
etag: "17uqbtklcvugj-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BsK7nQAF2kW97B7PHlSWixtKXduHaFASnqTGBjFBrqaD6M4RWeIuaO5PXcG9vwHDBXmt3Z5cz1tcHRJ9HpsIVOfDiTDw2baMZfX1dyjaVD1t%2FSHqJgb3p%2BX5OYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1cf7ee0b515-OSL
alt-svc: h3=":443"; ma=86400

www.paste.fo/cdn-cgi/rum?

172.67.144.225

204 No Content

0 B

URL POST HTTP/3
www.paste.fo/cdn-cgi/rum?
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 500
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551; cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Fri, 10 May 2024 23:59:35 GMT
access-control-allow-origin: https://www.paste.fo
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 881de24719a1b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff

newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html

104.18.124.91

200 OK

1.8 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1758 bytes)
Hash
a4b0cd73823c04eac73b745bac712a18
52a8be2d8367580c2aff2f27db4e4252489e1ad6
57d905cf66dbb89494f60aebd3925345e5458f77ac172f2e78fdd15480060eb6

HTTP Headers

GET /captcha/v1/18fa736/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b8fc3b56a2-OSL
content-encoding: br

newassets.hcaptcha.com/c/f922a41/hsw.js

104.18.124.91

200 OK

470 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/f922a41/hsw.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
470 kB (469642 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 14 Jun 2024 23:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bd8f0a56a2-OSL
content-encoding: br

www.paste.fo/648dec5e54e8

172.67.144.225

200 OK

21 kB

URL User Request GET HTTP/2
www.paste.fo/648dec5e54e8
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1494), with CRLF, LF line terminators
Size
21 kB (21275 bytes)
Hash
2ed7de65890a89617a944ed9c412a614
da8258ad1c6d68022a258721abc243205d8cd590
9004bc023a30ff43b9336d6f929b4ff735211f6360bf4b7c7e77d18c53b8f7ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /648dec5e54e8 HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; path=/
token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
sscore: 0.26516464471404
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cn5Z5EXo9wTlaG2cRajrq%2FKGL65nVpeIFjpCw6bNAr1jleKPuepDvXv8X1dYrk%2FmpHJBGx%2B4A7p9GHzDdBxo5tkH0plHzvJVa7g%2BuffCLezjbvr8GdhPmGHmYRL7VuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a56e535685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

paste.fo/D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg

172.67.144.225

200 OK

132 kB

URL GET HTTP/3
paste.fo/D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 1600 x 400, 8-bit/color RGBA, non-interlaced
Size
132 kB (131769 bytes)
Hash
f716e4e045aacbe36a6e91af5a2af21e
a80caa46ab519ad3a462579b376e72ef331e6088
69010ec5e296f83b162b7702b5aaab32bbcdcb0eabecdfa07277e16c266895b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /D1FF28B7MC0A124641110C4919165316155C16560E19564343AM5410451F0D085F4B5D035F57170A46054C460851.jpg HTTP/1.1
Host: paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Cookie: _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/png
cache-control: public, max-age=14400
x-wp-cf-super-cache-cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 23:59:13 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFctOwGrQPcj8XRX9bVCcKe3Zwg7EM14J3S4MMyLeoWZAFVPUfTahJDCf8DUtSNSW1prukPRVt17DOF85f8gO6uV4p2qVu6KedexRu23i2asTsGU2vZpTsE20Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b7996eb515-OSL
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html

104.18.124.91

200 OK

1.8 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1758 bytes)
Hash
a4b0cd73823c04eac73b745bac712a18
52a8be2d8367580c2aff2f27db4e4252489e1ad6
57d905cf66dbb89494f60aebd3925345e5458f77ac172f2e78fdd15480060eb6

HTTP Headers

GET /captcha/v1/18fa736/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b8fc3c56a2-OSL
content-encoding: br

www.paste.fo/favicon.ico

172.67.144.225

200 OK

15 kB

URL GET HTTP/3
www.paste.fo/favicon.ico
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Size
15 kB (15340 bytes)
Hash
cf593ad6a070c546ba238d5172b52aa1
9bed079538917ab59999ea26e8becca1cec74af8
d19e9b6b10d3890ef6cffdc76821fca266f2c0db6c653ffe16b5984a200a4015

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Mar 2024 15:28:29 GMT
etag: W/"3bec-614ce4abd368d"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuNsRt1proeR9B3LooXbrajCOjQ2CIZJCL867jjlRuuDAAt9FHQMTPyLWoFNbox16GTcJwVbpgd1xjnF%2FkwoYsH4fS7QzuoMwuVcou8fZh1f0rRA23sVssKRQmEwf%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1badb27b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size
150 kB (150124 bytes)
Hash
c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 191804
expires: Wed, 30 Apr 2025 23:59:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaxKFwNFXWdROO2Npe2ZgcJiJyt7iavQF3rE2lV0h8y6kqXKl%2BZlB8aDvA1MjHcfmmOun17a2Auh9rwD8DO%2F7bPkkycbMygUsfLinZdqwbZ1uqK75kLDH%2BpI7vUbrO0wmalZwbuv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881de1b7be8cb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

newassets.hcaptcha.com/c/f922a41/hsw.js

104.18.124.91

200 OK

470 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/f922a41/hsw.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
470 kB (469642 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 14 Jun 2024 23:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bcae8356a2-OSL
content-encoding: br

www.paste.fo/assets/svg/twitter.php

172.67.144.225

200 OK

1.1 kB

URL GET HTTP/3
www.paste.fo/assets/svg/twitter.php
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
exported SGML document, ASCII text, with very long lines (1064), with no line terminators
Size
1.1 kB (1055 bytes)
Hash
52ada42cb5438b7b0421018fd75f361e
d5e00f0d91ac0e644fa97b585fa704764276830b
5814970c931c847c4acc7c25ce39b1f9abbed82f7642c2da34a93f895d875746

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/twitter.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8ZWzHbr%2Fn2FzMxas5D6KlocAdYOwPd5Z9bPuUTlhrrKGu2%2BEMaMfphwVjAEmKeqJf6PiIdCU2P4OCMgVsvErjvWtCHC%2FnUmZitJOap%2FVRq8wNpTnuQEyWHIW0MZDU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c96ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.144.225

200 OK

1.2 kB

URL GET HTTP/3
www.paste.fo/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WTyp4V%2BeXU1OXk5fqDz%2BnouCWZNxAPPrAFqSiPDbXNjvdwfMXd%2BMtIjwNcsqBhYUagCm9NnAcw2geqRq7s49mV%2FVCV%2BPF9lTUkuaBDhhRWe8y4JZNt1NSIwVeO2%2Fec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1a9c96cb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 12 May 2024 23:59:10 GMT
cache-control: max-age=172800, public
content-encoding: gzip

fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.106

200 OK

40 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
40 kB (40360 bytes)
Hash
fb9a01c247c59daca77d5e373217b0b1
df072c2f05f7e6884df927cf8b4d2144937b8cbe
f6ce0c3fb43d72007637cf61a13dc4c6a0cb1111d2f457dc1386008f83fe13c3

HTTP Headers

GET /css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 23:59:10 GMT
date: Fri, 10 May 2024 23:59:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js

104.18.124.91

200 OK

387 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /captcha/v1/18fa736/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b9ecc256a2-OSL
content-encoding: br

newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js

104.18.124.91

200 OK

387 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/18fa736/hcaptcha.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /captcha/v1/18fa736/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1b9dcbc56a2-OSL
content-encoding: br

www.paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685

172.67.144.225

200 OK

0 B

URL POST HTTP/3
www.paste.fo/cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/881de1a56e535685 HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12158
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=CzVoXLGSuWR0FcDRCzJeS_1sx.hlrvvo0iMPLb86UT8-1715385553-1.0.1.1-_KEoqaRb6IWnIT5q.qWi8qrD8iaIw8tjUDN37UN3bbcGJJLxG3CbCYv16MXolFsg.pjqpTTnNrKgCxWtKdq_lg; Path=/; Expires=Sat, 10-May-25 23:59:13 GMT; Domain=.paste.fo; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHR2a2kuXFvsR%2FJ4WjiDEqHgH8RDxW6aftGt%2Fj%2BP9CXZVySnEhe3oCIsLK9nTvrcx68Ij6brNLA4vYyvjFuBAoqZh%2FY78zF36SOa%2FGCucvHy6cZf7OdOwdrfofagFjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1bacb21b515-OSL
alt-svc: h3=":443"; ma=86400

js.hcaptcha.com/1/api.js

104.18.124.91

200 OK

387 kB

URL GET HTTP/2
js.hcaptcha.com/1/api.js
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: application/javascript
etag: W/"53dd4c97b84fc9233d1e06e83a19de29"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 23:59:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 881de1aa3eb756cc-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.paste.fo/assets/svg/email.php

172.67.144.225

200 OK

577 B

URL GET HTTP/3
www.paste.fo/assets/svg/email.php
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
exported SGML document, ASCII text, with very long lines (586), with no line terminators
Size
577 B (577 bytes)
Hash
3f774fd678c6e100c4d914d9afc0dc8b
bab6ac432d913ee0d99dae0a7caafcea559222bd
e7f5c890c6acb9078887bbeab309ff5771782edac2444c647126072427cdc336

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/email.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zl3yRC5Ue7xotfzmLQJP4ZMew3jt9aBKDJOC%2F9pyEt7IEXUlM0L9h3ZgkRPJTJmvwxQFWH2Oy3n10CypDY1UF%2FIZNLg5VH6t2XlbQ8k0PMWXCnj11BqA1Cm1RHPjSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c96bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.paste.fo/assets/svg/discord.php

172.67.144.225

200 OK

1.6 kB

URL GET HTTP/3
www.paste.fo/assets/svg/discord.php
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
exported SGML document, ASCII text, with very long lines (1567), with no line terminators
Size
1.6 kB (1558 bytes)
Hash
f25e187801ad4549ff6d1f7923827d9e
682ad175492f0c7ca063eb8b29df8e5fb92ab3ce
c4c482f2711284ca3fb68e15af960645b841af8880e7e86ea031ca86470c5e22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/svg/discord.php HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/648dec5e54e8
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GcfOhVrbVz2S5UUYMkClutJWw92uYOJv8mo%2BDr%2BmumWGYkE%2BZiHxQA1vpgKDdQ0e6qUCljHc9ie3QpckntTXxQREcB0xloFcV0fZVubwdD5NSPxZrNcPFUj%2F8YemXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881de1a9c969b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

172.67.144.225

200 OK

7.8 kB

URL GET HTTP/3
www.paste.fo/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
172.67.144.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerCloudflare, Inc.
Subjectpaste.fo
Fingerprint45:4F:E3:CB:01:43:C2:8B:CA:E1:64:B0:D4:A7:73:8A:C0:79:E2:22
ValidityWed, 17 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7805), with no line terminators
Size
7.8 kB (7805 bytes)
Hash
b22f417a4a08fa31c87d691698489f5a
cc0606ebc84089aa2acd21400d80eac512222d45
75a63cd9ddbaed06cec7af3186f295fc9a60c5110aa507f90eb1dac491a1cc62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: www.paste.fo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tmhg5su4a2fh78vofkrp6t173r; _ga_HKXR34F8P3=GS1.1.1715385550.1.0.1715385550.0.0.0; _ga=GA1.1.1945962577.1715385551
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5lC3YdPIykgmdlVB6beCMYNpj3Pje4xG9jwOCN%2FXWgjPK70sf4LgqgMq5SUHGZb1UKbN63Ag6NfPq3WFcEUa3o3G3vHFRCxlarywOyrk7%2BuEpDgwoiUK15MnxayATM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1b97a74b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

104.16.79.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.paste.fo/648dec5e54e8
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
FingerprintCE:62:08:77:7A:C9:4F:2B:EB:19:EA:54:43:3D:9F:10:06:33:69:E8
ValidityWed, 08 May 2024 03:07:03 GMT - Tue, 06 Aug 2024 03:07:02 GMT

File type
JavaScript source, ASCII text, with very long lines (19189), with no line terminators
Size
19 kB (19189 bytes)
Hash
4c980ee97cb5c001b4d19e2895fa5603
2c6fe998aa7486c4becd74cf253bdd82666a64c3
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

HTTP Headers

GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paste.fo
DNT: 1
Connection: keep-alive
Referer: https://www.paste.fo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:59:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881de1aa6b0856a5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api2.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0

104.18.124.91

200 OK

718 B

URL POST HTTP/3
api2.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=05ol0azivi7i&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Size
718 B (718 bytes)
Hash
3c2e649b869ffda6d2875f54a020e40c
2562f42af630792e0b33e67a72de94d3dd1ed6d1
666edee9752e6485aa559edbc28c0e7cf130df825143082faa48e88e1a56cd8a

HTTP Headers

POST /checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCzPBNFXSyDwK; SameSite=None; Secure; path=/; expires=Sat, 11-May-24 00:29:13 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bc4e5756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0

104.18.124.91

200 OK

718 B

URL POST HTTP/3
api.hcaptcha.com/checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0
IP
104.18.124.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/18fa736/static/hcaptcha.html#frame=challenge&id=1y5k95o1zypg&host=www.paste.fo&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&theme=light&origin=https%3A%2F%2Fwww.paste.fo&size=invisible
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Size
718 B (718 bytes)
Hash
0699ae23129c4e42f585982f50766d8a
56cc7c1ec854272aec702af745ed09b653b23b73
d99c877d7cb94964c32c3c671e403b89549800700dd99a6c04f2ee80440df36d

HTTP Headers

POST /checksiteconfig?v=18fa736&host=www.paste.fo&sitekey=9c54b617-bd43-4858-a8c9-83ce00be8180&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 10 May 2024 23:59:13 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881de1bc3e4d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by