URL: https://paste.tf/
Submission: On November 23 via api from BE — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 16 HTTP transactions. The main IP is 185.246.188.252, located in the Netherlands, and belongs to FlokiNET FlokiNET ehf, IS. The main domain is paste.tf.
TLS certificate: Issued by E6 on October 29th 2024. Valid for: 3 months.
This is the only time paste.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 185.246.188.252 200651 (FlokiNET ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.58.159 16276 (OVH OVH SAS)
1 199.232.192.193 54113 (FASTLY)
1 142.250.184.227 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
16 10
Apex Domain | Subdomains | Transfer
8 paste.tf | paste.tf | 168 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29); ajax.googleapis.com (Cisco Umbrella Rank: 415) | 32 KB
1 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3353) |
1 gstatic.com | fonts.gstatic.com | 27 KB
1 imgur.com | i.imgur.com (Cisco Umbrella Rank: 8961) | 22 KB
1 ibb.co | i.ibb.co (Cisco Umbrella Rank: 14048) | 22 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 108 KB
1 unpkg.com | unpkg.com (Cisco Umbrella Rank: 740) | 17 KB
16 8
Domain Requested by
8 paste.tf paste.tf
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 i.imgur.com paste.tf
1 i.ibb.co paste.tf
1 ajax.googleapis.com paste.tf
1 www.googletagmanager.com paste.tf
1 unpkg.com paste.tf
1 fonts.googleapis.com paste.tf
16 9

This site contains links to these domains.

Domain
t.me

Subject | Issuer | Validity | Valid
paste.tf | E6 | 2024-10-29 - 2025-01-27 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
unpkg.com | WE1 | 2024-11-23 - 2025-02-21 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
ibb.co | E6 | 2024-10-21 - 2025-01-19 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-15 - 2025-02-14 | a year
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 1 frame:

Primary Page: https://paste.tf/
Frame ID: 6CF90C34C00F89CF76078696B786D10E
Requests: 17 HTTP requests in this frame

Page Title

PASTE.TF - Create a new paste

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

10
IPs

4
Countries

396 kB
Transfer

715 kB
Size

4
Cookies

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paste.tf/
11 KB
12 KB
Document
General
Full URL
https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx / PHP/8.3.12
Resource Hash
cff93dce8669a5211f5f88e1e72280c7cbc24c92418647ee3376863bf2ba28ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Nov 2024 14:15:30 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/8.3.12
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800&display=swap
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f7ec0df0a027b588a6e86ada5c92628f00ca7142626f73ee0a4e9b681c0ca4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 23 Nov 2024 14:15:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 23 Nov 2024 13:12:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
boxicons.min.css
unpkg.com/boxicons@2.1.4/css/
66 KB
17 KB
Stylesheet
General
Full URL
https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"109bc-IH/O3L/2oFuyFxGxc9h5/AQWzS0"
age
1340127
x-content-type-options
nosniff
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JC4R009H6C7Y4BHXJ8KAGE0R-ams
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8e71c59299415c4d-AMS
access-control-allow-origin
*
server
cloudflare
normalize.min.css
paste.tf/assets/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://paste.tf/assets/css/normalize.min.css
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
a1bd2bea804f0b4c3e18a7985978fe4e892030ebb0523cce324b4e6d19a15aaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9417
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/css
Last-Modified
Tue, 27 Jun 2023 01:29:42 GMT
Server
nginx
Vary
Accept-Encoding
iziModal.min.css
paste.tf/assets/css/
88 KB
88 KB
Stylesheet
General
Full URL
https://paste.tf/assets/css/iziModal.min.css
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
0fb07df149dbff1dfe0d1fb866792e9bc7a769fdbfdf79dd8dafa3f763effd0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89843
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/css
Last-Modified
Wed, 31 May 2023 08:17:24 GMT
Server
nginx
Vary
Accept-Encoding
global.min.css
paste.tf/assets/css/
19 KB
19 KB
Stylesheet
General
Full URL
https://paste.tf/assets/css/global.min.css?t=1720277014
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
f190a034d3c561e675f894b66a13221ea4f6941ef18a1a4614f10a96cc556f57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19072
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/css
Last-Modified
Sat, 06 Jul 2024 14:43:34 GMT
Server
nginx
Vary
Accept-Encoding
responsive.css
paste.tf/assets/css/
2 KB
3 KB
Stylesheet
General
Full URL
https://paste.tf/assets/css/responsive.css?t=1720277014
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
53b11785a801c00d9f05be2610d0e8930b99485cd453c9f80d8e089105bb095a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2338
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/css
Last-Modified
Sat, 17 Feb 2024 21:46:06 GMT
Server
nginx
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8QHEXKB6S8
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec66da09cd1bfc2246462771e3e53f33a1e882352403619f0e218dc3b06819fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 23 Nov 2024 14:15:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109829
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

content-encoding
gzip
age
419329
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 17:46:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 17:46:41 GMT
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31100
x-xss-protection
0
server
sffe
iziModal.min.js
paste.tf/assets/js/
26 KB
26 KB
Script
General
Full URL
https://paste.tf/assets/js/iziModal.min.js
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
45eef02ff011e81c1f5c80c0edf0bc8b91d43e2223f5b35e04dd3078f04321bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26203
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/javascript
Last-Modified
Wed, 31 May 2023 08:17:24 GMT
Server
nginx
Vary
Accept-Encoding
general.js
paste.tf/assets/js/
4 KB
5 KB
Script
General
Full URL
https://paste.tf/assets/js/general.js
Requested by
Host: paste.tf
URL: https://paste.tf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
7dc3fefbeb07586c81e1e569150a690dcef29c9b4e21745231691a652d88a574

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4369
Date
Sat, 23 Nov 2024 14:15:30 GMT
Content-Type
text/javascript
Last-Modified
Wed, 13 Sep 2023 14:45:26 GMT
Server
nginx
Vary
Accept-Encoding
sparkling.gif
i.ibb.co/R60RZRS/
22 KB
22 KB
Image
General
Full URL
https://i.ibb.co/R60RZRS/sparkling.gif
Requested by
Host: paste.tf
URL: https://paste.tf/assets/css/global.min.css?t=1720277014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
d053beda954a4ecaef2c6aea4c68aa7a524d8c79056f68ec44c96636a1fe18f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
22261
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
image/gif
last-modified
Fri, 24 Jun 2022 21:24:42 GMT
server
nginx
n4qZ9Qu.gif
i.imgur.com/
21 KB
22 KB
Image
General
Full URL
https://i.imgur.com/n4qZ9Qu.gif
Requested by
Host: paste.tf
URL: https://paste.tf/assets/css/global.min.css?t=1720277014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b0035a821da6f3951a03172ee0086863d3929da8df65e4962c416369b652d783
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

etag
"3a2e6e66e8e9a0c2c519309d2a75894e"
age
2268595
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
2VTxoRFzpwca-9s6zP0h1JChBuCl2e-cbvuYEnHg9J684_2aNlnrTQ==
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
image/gif
last-modified
Thu, 20 Oct 2022 17:53:07 GMT
x-cache-hits
467, 0
x-served-by
cache-iad-kcgs7200034-IAD, cache-bru1480070-BRU
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1732371331.234555,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
21998
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://paste.tf
Referer
https://fonts.googleapis.com/

Response headers

age
319637
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 21:28:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 21:28:14 GMT
last-modified
Thu, 22 Jun 2023 14:14:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27444
x-xss-protection
0
server
sffe
truncated
/
124 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
758c6d946808eb107b1edaafb1c3094a1fe1f87ce5ba70a3ba11c6cded534f09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8QHEXKB6S8&gtm=45je4bk0v9177926295za200&_p=1732371331093&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1894739693.1732371331&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732371331&sct=1&seg=0&dl=https%3A%2F%2Fpaste.tf%2F&dt=PASTE.TF%20-%20Create%20a%20new%20paste&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1099
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QHEXKB6S8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paste.tf
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 14:15:31 GMT
content-type
text/plain
server
Golfe2
favicon.png
paste.tf/assets/images/
7 KB
7 KB
Other
General
Full URL
https://paste.tf/assets/images/favicon.png?h=8s957s95s2a14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.246.188.252 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
c98829adc823a896d6894afb8c05aa7a5404e4b21da54dc31822d06493725599

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paste.tf/

Response headers

Accept-Ranges
bytes
Content-Length
7189
Date
Sat, 23 Nov 2024 14:15:31 GMT
Content-Type
image/png
Last-Modified
Sun, 18 Feb 2024 16:14:57 GMT
Server
nginx
Connection
keep-alive

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| $
function| jQuery
object| $iziModal
function| updateLineNumbers
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
paste.tf/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdSWGNyT1ZZOGRXU0szNkt0TUNzZGc9PSIsInZhbHVlIjoiYk1OVExtTzNHZDNkKzhxR29VNU1DY2g4WnpMc2Jzd3IrTjJod0pOTTVkL2xIQ3VGUHNBa01ncDB1cUFtdVkxMU5sWXlCSXd1d0JPdnovQi8wU2VqT28ycVpSajJGK05zaktHQVcrcFpaaEZuK0dLWE1STC83dkVyMUFxNVg4eUoiLCJtYWMiOiJlNzMyMWJmZmMwZWY3MWJjODgyODBkYzU3NWYxZWRiYmQ2MzI0M2JhZTk1ZTYxM2VkNTA0M2U1YzJkNzZkYzQzIiwidGFnIjoiIn0%3D
paste.tf/ Name: pastetf_session
Value: eyJpdiI6IjhIcjBod2JhZkIwYi9mSGl1bkVCdnc9PSIsInZhbHVlIjoiM0ljT2RqT01VMXJxaTAreGMxT0dmemZIcllya2ZOUGt3dlFleDZGMUtyNjdZeGovMGpzVGhVZkFOa09SaXp5Q2U2WDk5V1B1UndYRFhZY1N4S3hUVEhuMElyd09PWTFkRnNKcE1qYml1WHVWdGhBTzFsd1h2MEZ1QzZ3UGJvTXgiLCJtYWMiOiIwMjFhNWY1OGQ3ZWUwYTAzZTYzYzlmNzA5OTA1MDg0NDJlMGIxZjMyYzZkOGUzN2FjODlkMTM5M2RlNDQ5MGQzIiwidGFnIjoiIn0%3D
.paste.tf/ Name: _ga_8QHEXKB6S8
Value: GS1.1.1732371331.1.0.1732371331.0.0.0
.paste.tf/ Name: _ga
Value: GA1.1.1894739693.1732371331

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
