Is PasteThis.At a pro-ISIS website?

August 21, 2018 Joshua Fisher-Birch

The nature of extremists’ ongoing misuse of the Internet continues to evolve. From social media platforms to encrypted messaging channels to dedicated websites, extremists—in particular ISIS—have adapted all types of sites and online services to promote their hateful, violent ideologies.

Interestingly, the website PasteThis.At, a text-based bulletin board, has recently become an online haven for ISIS propaganda. The site is similar in layout and functionality to other sites like JustPaste.It, a well-known text and image sharing site commonly used to share computer code and a wide variety of information, which has become an important conduit for spreading ISIS content. JustPaste.It and others like it have worked to remove some of the extremist propaganda from their site, but PasteThis.At has notably not taken similar action—or any action at all—to remove terrorist content. There is, in fact, strong circumstantial evidence suggesting that PasteThis.At was created specifically for use by ISIS and their fans. Clearly, greater action is needed by the tech industry to tackle online extremism.

PasteThis.At is an easy to use website that allows for the easy sharing of text or photos. JustPaste.It, PasteThis.At, and similar websites are used by ISIS’s online supporters to spread propaganda such as execution and combat photos, links to videos on other websites, and bomb-making instructions and how-to manuals. According to Hypestat, PasteThis.At receives approximately 120 unique visitors per day compared to JustPaste.It’s 46,050. PasteThis.At’s bulletin board format is incredibly simple, which is useful because it can be accessed on slow Internet connections. It also allows for pages to be password protected and does not require any coding skills. These desirable features along with several other reasons make it very likely that PasteThis.At is a pro-ISIS site.

PasteThis.At almost entirely hosts extremist content. Unlike JustPaste.It, which contains a variety of different content, PasteThis.At only appears to host ISIS material, and a significantly smaller amount of pro-al-Qaeda content. This may not by itself be an indication of extremist sympathy, but when coupled with additional evidence, it points to the conclusion that the site has either allowed itself to be captured by ISIS’s online supporters, or that it was originally created for this purpose.

Second, PasteThis.At has extremely weak Terms of Service (TOS) that do not expressly prohibit terrorist content. The site’s TOS, which are published in Arabic only, state that “[i]t is strictly forbidden to upload any pictures or files containing obscenity to honor and Islamic religion.” Both of these thresholds are vague and lack an explicit prohibition on content that promotes terrorism or hate speech or shows graphic violence. “Honor” is a nebulous concept for determining whether or not content is permissible, and purported religious values can be manipulated. The site’s TOS do not match up with the standard legalese found on similar websites.

It is possible that PasteThis.At’s TOS could be acceptable if they were used by the site’s administrators in a way that led to the removal of unwanted content. This is, however, not the case. Terrorist propaganda is not removed from PasteThis.At, and ISIS material posted over a year ago remains on the site. It is additionally unclear how propaganda would be removed, as there is no “flagging” function for content on the site, nor is there an email address where abuse can be reported. In some cases where photos from old posts have been removed, it is due to an error with the third-party photo hosting and not PasteThis.At itself.

Fourth, the WHO.is information for the website appears to be falsified. The site is registered to a fake address in the Shetland Islands with a fake phone number. Attempts to contact the registrant of the website via email went unanswered.

A search for PasteThis.At links in a sample of approximately 250 pro-ISIS Telegram channels over six months found increased use of the site over time. ISIS uses Telegram as a primary means for spreading its propaganda online, and the frequency of posted links to other content hosting websites is an indication of the popularity of those sites. The Counter Extremism Project (CEP) first saw ISIS online supporters mention PasteThis.At on Telegram on June 6, 2017, but the site’s use has been relatively little when compared to other web pages like JustPaste.It—until July 2018. That month, the number of links to ISIS propaganda on PasteThis.At jumped to more than 3,500 links (including duplicate URLsWhen searching broadly for website URLs on Telegram, the same page may come up more than once as a result. For instance, if the site PasteThis.At/r95m was posted three times on Telegram, it would appear three times in a search for “PasteThis.At” and as a result it would be counted three times. Consequently, the fact that there were over 3,500 links to ISIS content on PasteThis.At does not indicate that there were 3,500 unique links.) from only 89 in June 2018.

PasteThis.At uses Cloudflare, a San Francisco-based tech company, as its nameserver, allowing the website to function by connecting the domain name with the IP address. CEP has previously called on Cloudflare to cease providing Internet services to terrorist organizations and neo-Nazi hate groups. Cloudflare’s CEO Matthew Prince has previously stated that it’s not the company’s role to determine “what can and cannot be on the internet.” This permissive attitude has allowed for Cloudflare’s services to be misused by groups such as Hamas, the Taliban, and the Nordic Resistance Movement.

Although the U.S. and its allies have targeted ISIS cyber operations, reducing the terrorist organization’s online presence, sites such as PasteThis.At pose a unique problem. Unlike conspicuous pro-ISIS websites that host videos, photos, and other propaganda, PasteThis.At maintains the veneer of neutrality. This makes it more difficult for governments and civil society to persuade takedown averse tech companies to remove harmful websites. What is needed above all is for tech companies to refuse to provide all services to and in support of terrorist organizations and their online supporters. The U.S. government should encourage Internet companies to pursue these policies in the interest of public safety.

Finding where extremists broadcast their message online, especially on the surface web, is important so that we can remove their dangerous material and diminish their reach and influence. PasteThis.At also raises the possibility that enterprising extremists could build their own alternative sites when mainstream platforms become inhospitable. If Internet companies like Cloudflare continue to provide services in these cases, treating these sites as just another business opportunity, it will weaken the ability of governments and civil society to fight the spread of extremism.

Daily Dose

Extremists: Their Words. Their Actions.

In Their Own Words:

We reiterate once again that the brigades will directly target US bases across the region in case the US enemy commits a folly and decides to strike our resistance fighters and their camps [in Iraq].

Abu Ali al-Askari, Kata’ib Hezbollah (KH) Security Official Mar. 2023
View Archive