urlscan.io logo urlscan.io
SecurityTrails logo

paste.rs Open in urlscan Pro
45.63.94.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20emp...
Effective URL: https://paste.rs/QY0IA.txt
Submission: On June 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 45.63.94.214, located in Santa Clara, United States and belongs to AS-CHOOPA, US. The main domain is paste.rs.
TLS certificate: Issued by R3 on May 1st 2024. Valid for: 3 months.
This is the only time paste.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 188.114.96.9 13335 (CLOUDFLAR...)
4 45.63.94.214 20473 (AS-CHOOPA)
11 3
Apex Domain
Subdomains		 Transfer
6 yzxvpo09.pro
yzxvpo09.pro
4 KB
4 paste.rs
paste.rs
6 KB
1 ft678ik.xyz
ft678ik.xyz
602 B
11 3
Domain Requested by
6 yzxvpo09.pro ft678ik.xyz
4 paste.rs yzxvpo09.pro
paste.rs
1 ft678ik.xyz
11 3

This site contains no links.

Subject Issuer Validity Valid
ft678ik.xyz
E1		 2024-05-22 -
2024-08-20		 3 months crt.sh
yzxvpo09.pro
WE1		 2024-06-21 -
2024-09-19		 3 months crt.sh
paste.rs
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://paste.rs/QY0IA.txt
Frame ID: 3D90BC90CC8358396A200141E5506569
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Source Code | QY0IA | Rocket Powered Pastebin

Page URL History Show full URLs

  1. http://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3... HTTP 307
    https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3... Page URL
  2. https://yzxvpo09.pro/?s=age-of-empires-2-gold-edition&p=28 Page URL
  3. https://paste.rs/QY0IA.txt Page URL

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

10 kB
Transfer

9 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition HTTP 307
    https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition Page URL
  2. https://yzxvpo09.pro/?s=age-of-empires-2-gold-edition&p=28 Page URL
  3. https://paste.rs/QY0IA.txt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition HTTP 307
  • https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ft678ik.xyz/
Redirect Chain
  • http://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition
  • https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition
160 B
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8f8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8995ac121fc665c3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 14:33:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXzaji1TOQPiNutc78Q3Qm2HwDljEClzAdGWDsaOejH%2Fr2ETC91u1%2FptHHsV1TULUYtp4k%2BVO36WDC%2BVjGOPdbu%2FEIt343S1vgAMWV%2FJFM8bgC8o6A0HxqbuaztncZW8SuFkCsq0K1BEdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30

Redirect headers

Location
https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition
Non-Authoritative-Reason
HttpsUpgrades
/
yzxvpo09.pro/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/?s=age-of-empires-2-gold-edition&p=28
Requested by
Host: ft678ik.xyz
URL: https://ft678ik.xyz/?nav11=fa380d49d739e0868f9d2c2a4e639&d=1&x=28&nav11=a41a28bab4d27b72a5ec3db3f20&p=age%20of%20empires%202%20gold%20edition
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
a53a458acad1fc859c1100330868b2b12c2849b8a60b48f790fc02de91493eea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ft678ik.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8995ac13ed412bad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 14:33:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjvKE%2BEwOP4pSG9MwHyojFPgC%2BslgxXvtZhbxYMK00LcvTHGlgrym6t01Tj3hvKIVu%2B6gc%2F0%2FZ2z8Pq6tQ0Q0wf5Q%2BhVwLTe%2FmT33EkWL49wI2q7ri2cAdbszY%2BZTAQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
favicon.ico
yzxvpo09.pro/ 		20 B
529 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yzxvpo09.pro/?s=age-of-empires-2-gold-edition&p=28
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 14:33:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSF50zptEd2njd3HG%2Br9on%2F57pXOfw%2FR6OqH4eI8d1k3WPi2gepPrcmz6pmBSRyerzOF7itTZuH3qhyrbMhVFn%2BKN%2FCKLDilakjyFA%2FbEjBCGk%2FAdTNP1EmgvNDqvRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8995ac25ad972bad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
yzxvpo09.pro/ 		20 B
527 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yzxvpo09.pro/?1kziVMeE0m2Grb?utm=7
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 14:33:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3EElQofZy%2BbFBL6nDsyItugKOw0jbvj36MeN2HI5C%2F8wTrBJll%2BqT1MTTHW3GvRmDjw%2FJux9gYwFVGiLQG8WZvqMSvjlWFM8l9rx2wlu0TvsS90OFjv2JECpKJ3Dz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8995ac26af512bad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
yzxvpo09.pro/ 		20 B
519 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yzxvpo09.pro/?1kziVMeE0m2Grb?utm=4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 14:33:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fkx0qcArf1kDoYCU3PW2Pwh2cZ4AsUgFLcomiNVDi7ann2BZ3Br9qHkZ1RntwASb0WS8hMypbf0RfdUhVCUqOpjBer9mW6Tc83OmChdvf5%2BNe8B9JJPPHiOO1xwuI8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8995ac2728352bad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
yzxvpo09.pro/ 		20 B
528 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yzxvpo09.pro/?1kziVMeE0m2Grb?utm=3
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 14:33:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgnzNV76Xv2psAB3GMHS8pRXQbH2om5rybk6ZGuJqXMveMgDB8h9wwhP%2FayZldRFtdrIle9UuJ9xG7XxLLJ%2FHDGD9WucM%2BC%2FaxfwdMUoT8iyg8FQ9BvtfMxjum%2BGgZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8995ac27a8f72bad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
yzxvpo09.pro/ 		20 B
528 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yzxvpo09.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yzxvpo09.pro/?1kziVMeE0m2Grb?utm=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 14:33:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ch%2FT59wVPVcHvLRQRRYZOZNKR3LMEzK4XHMElekO5C84IynYyuA%2FSoRiOnLK%2FAulYP%2Fp%2FXXfd01QTdy4uRaoSzO5McV2m3RoyJQ63nciOa0qamOAYNuL%2BLCLdqz2jeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8995ac2839ad2bad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Primary Request QY0IA.txt
paste.rs/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste.rs/QY0IA.txt
Requested by
Host: yzxvpo09.pro
URL: https://yzxvpo09.pro/?s=age-of-empires-2-gold-edition&p=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.63.94.214 Santa Clara, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sergio.bz
Software
nginx /
Resource Hash
53d482ff89b189495fa9b33fb2cc22a62340c8bbb941d2545ba2a6ebfc6a3859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://yzxvpo09.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jun 2024 14:33:24 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
permissions-policy
interest-cohort=()
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
normalize.min.css
paste.rs/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.rs/normalize.min.css
Requested by
Host: paste.rs
URL: https://paste.rs/QY0IA.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.63.94.214 Santa Clara, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sergio.bz
Software
nginx /
Resource Hash
ee733a13231e0683bf55cfd944f5d2bd445e6ea91488348df313cc37e8f4b031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://paste.rs/QY0IA.txt
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 14:33:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
Content-Encoding
gzip
Server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Vary
Accept-Encoding
permissions-policy
interest-cohort=()
Connection
close
X-XSS-Protection
1; mode=block
code.min.css
paste.rs/ 		601 B
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.rs/code.min.css
Requested by
Host: paste.rs
URL: https://paste.rs/QY0IA.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.63.94.214 Santa Clara, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sergio.bz
Software
nginx /
Resource Hash
2eaa8b7de74f45409f7d72e96d0d81d0509e670af7c7b0445c8a8af6435ac58b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://paste.rs/QY0IA.txt
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 14:33:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
Server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css; charset=utf-8
permissions-policy
interest-cohort=()
Connection
close
Content-Length
601
X-XSS-Protection
1; mode=block
favicon-32x32.png
paste.rs/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://paste.rs/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.63.94.214 Santa Clara, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sergio.bz
Software
nginx /
Resource Hash
7c27afe739bead37eb8633716398b529d6a00a56e38cb2b07ef3a0ff03f5a6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://paste.rs/QY0IA.txt
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 14:33:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
Server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
permissions-policy
interest-cohort=()
Connection
close
Content-Length
1668
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
yzxvpo09.pro/ Name: PHPSESSID
Value: 6555bdf0f610c17fe3d09e5a3091f78d