paste2.org
2606:4700:3036::6815:4b30  Malicious Activity! Public Scan

Submitted URL: http://www.paste2.org/
Effective URL: https://paste2.org/
Submission: On June 18 via api from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::6815:4b30, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is paste2.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.
This is the only time paste2.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP Address AS Autonomous System
2 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
14 3
Apex Domain | Subdomains | Transfer
15 paste2.org | www.paste2.org, paste2.org, static.paste2.org, stats.paste2.org | 77 KB
1 cloudflare.com | ajax.cloudflare.com | 5 KB
14 2

Domain | Requested by
10 static.paste2.org | paste2.org, static.paste2.org
2 stats.paste2.org | ajax.cloudflare.com, stats.paste2.org
2 www.paste2.org | 2 redirects
1 ajax.cloudflare.com | paste2.org
1 paste2.org |
14 5

This site contains links to these domains.

Domain
twitter.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-23 - 2021-07-23 | a year
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years

This page contains 1 frames:

Primary Page: https://paste2.org/
Frame ID: 4665EE134BC76F5AB49B18F079415D9F
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

14 Requests
100 % HTTPS
100 % IPv6
2 Domains
5 Subdomains
3 IPs
1 Countries
80 kB Transfer
205 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.paste2.org/ HTTP 301
    https://www.paste2.org/ HTTP 301
    https://paste2.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paste2.org/
Redirect Chain
  • http://www.paste2.org/
  • https://www.paste2.org/
  • https://paste2.org/
19 KB
5 KB
Document
General
Full URL
https://paste2.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6ed6c77136bfaa252d64caaa88f63280f460218c27393be437a998dc2ebc48

Request headers

:method
GET
:authority
paste2.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
cf-request-id
0ac0ec2b4c0000dfbfa61f0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7Nly%2F1i4LkEqdvRtickbmqjA0ufldLJxQ3I%2FXC2GmAcNLRE9MbuAuMEf4c19z%2B8Oc%2FbFN4e6PD5zbifM00Jg2vCoYYD5og5WIFfdT%2BjXQefGDQlM8IEyVbv7Zu7q63jHQx2e%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6614e2f21fafdfbf-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 18 Jun 2021 13:32:55 GMT
content-type
text/html
location
https://paste2.org/
cf-cache-status
DYNAMIC
cf-request-id
0ac0ec2b0e0000dfbfbab52000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZpPE0%2Bwu7Ym4K8hzNxuzAGRQFawOTaOXc0YEASlJan%2BSM3d47Ou2lazlfmT%2BYezpJ8Dk%2B8M68LpdvshGMYy3Iw6UpjB%2FizmgXe6Lx6iJlzF%2BCXvClgxhYP51USRsBQ5z%2FAmPM69y1GU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6614e2f1aee9dfbf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
paste2-compiled.css
static.paste2.org/templates/paste2/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Requested by
Host: paste2.org
URL: https://paste2.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be54d1c4f478da6feb94528597f7471a50bc11b603411d3a4782bc71c78ae19

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
153278
cf-polished
origSize=22727
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac0ec2b8b0000dfbf682ba000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
W/"54c3e753-58c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=unUwcpzPt5sW1gIsMVPU5Qb2tGkQAMr%2FFH5z3i4CPk5ulvegLFiT7F7vYe%2B9LW2FbsJQKf3E6GGYrcV10l1gqxg0nuNnx2NECGwyeGRGUwwPfQdXWTk%2F1voaYDQTCdrwNpaok8cr8aqSPBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
6614e2f2787bdfbf-FRA
expires
Wed, 23 Jun 2021 18:57:02 GMT
default.css
static.paste2.org/templates/paste2/pygments/
2 KB
838 B
Stylesheet
General
Full URL
https://static.paste2.org/templates/paste2/pygments/default.css
Requested by
Host: paste2.org
URL: https://paste2.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a84135c66ef1121cf4739622bd7dff598f7811b483c0d8e710cbb27a01f4be

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
153278
cf-polished
origSize=3906
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac0ec2b8b0000dfbf6ab5c000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
W/"54c3e753-f42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qvy36U24RjSeGVUgRMm%2FWGDT0%2Blx7AAzMi8CcRIRF257gDpM0TSV9DrJ3lfLJpi2Pj%2BIrJHcaWJA8VpXgAVBSEQzn%2FaZBSKiyBSesLAdVrCGQ6re6MTRKzTiSFkYx0vbTGZO5wnFE0Ex6wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
6614e2f27877dfbf-FRA
expires
Wed, 23 Jun 2021 18:57:02 GMT
follow_us-a.png
static.paste2.org/templates/paste2/img/
2 KB
2 KB
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/follow_us-a.png
Requested by
Host: paste2.org
URL: https://paste2.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48dad69eba31f3ce752b7984349be85f600858fae2ede9c3cf64a4515dbc960

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
27383
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1981
cf-request-id
0ac0ec2b8b0000dfbf7c849000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-7bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j2oiZ8F0ATbNZJiZpQucozfYXLjk%2B%2F6YsK%2BxdAPgSQciOzibz6Ir38iQ%2FR8s2SIrgOa%2B9zB2JoH8nBRt%2F%2BNZ7b5mLCcsHxJo4JCVRtLAd1sy2ag5Ba5INmBS4GnfPZK92UuP%2Fpy%2BdMQaCXo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2787cdfbf-FRA
expires
Fri, 25 Jun 2021 05:55:19 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: paste2.org
URL: https://paste2.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0ac0ec2b9100005364853d3000000001
last-modified
Wed, 16 Jun 2021 08:10:34 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60c9b1fa-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4e7%2FaWWEPuKUW%2B8g11traLcWfETSyTltJGzrt%2BL4jWrm18N3OXb3RsII4rbiv%2BxjLsc4ytgH8Mxl9bQlWa2Mnt8KR3LobtFCwLHbqx%2FY3xDZUOzGFgBgcpR3DGXRfqv3eqmNraDqZohY8SJX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6614e2f28b0a5364-FRA
expires
Sun, 20 Jun 2021 13:32:56 GMT
/
stats.paste2.org/
3 KB
2 KB
Script
General
Full URL
https://stats.paste2.org/?js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566098613acad5b57a11c678f23ba7b20fdf3070e5f20101fc3ec7ff544d76b4

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI NID ADMa OUR IND COM NAV STA LOC"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac0ec2bae0000dfbf72120000000001
pragma
no-cache
last-modified
Fri, 18 Jun 2021 13:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5TW%2FMPPOrGzEGpqn39687WAUwsKyftrJ0arvfTpqkUOnuh7FgciaFgBFW%2FCVzYGiNdpVFGbqQe9eMzXpvUY%2FhcXt1HCQEOUYTqeTRVLb%2Bi2mksrQtPn12j41niwnwFL7NHUHZygnq5TTHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6614e2f2a8dddfbf-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
stars.png
static.paste2.org/templates/paste2/img/
7 KB
8 KB
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/stars.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae365ebd33969b398d8f47b780af0c4a95ba6887bc2860fa35587e8e372f3335

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
62315
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7538
cf-request-id
0ac0ec2bbf00004abc001fe000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-1d72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vfio4ozZLAJ0hIlS4kS9Odv3KzIqEcn10ZW2heaegoazH4dxSEY52PTqOy9DBMik5f5hywOK%2Bl4RFzK5uGJvOrr8LU2Or0kKUvoD%2B3YCq3YWcH2PR18ATQl%2BKDJNzXKQNO3RXOMjLEsa5aY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2cb554abc-FRA
expires
Thu, 24 Jun 2021 20:13:07 GMT
logo.png
static.paste2.org/templates/paste2/img/
5 KB
5 KB
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/logo.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1674da0ebe24996f0a48fea8982d47402333d12638ad5c6c7bbe3de606bc23

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
27736
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4993
cf-request-id
0ac0ec2bc000004abcef13d000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-1381"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JlmmB4vBFoU0EqzcobXjLdxwOL8747DFbOnFQTt209yBCGBnFbIMv%2FsdDOSFQ1cWnGr%2FfgiWwezL1aHcXMa5XA0R4JYebSB1F3qfwf%2F%2BIpSbhj1VqZfaY0EDKvCoF9uiXRVW3RYaM1VVmuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2cb594abc-FRA
expires
Fri, 25 Jun 2021 05:49:26 GMT
tab_inactive.png
static.paste2.org/templates/paste2/img/
201 B
869 B
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/tab_inactive.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39dd856be2f311c6279b64c08f0dd4f1d87be33aaa1480f0848c3d637ecc521

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
251190
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
201
cf-request-id
0ac0ec2bbf00004abc1703f000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y7icZtTvI7rHukAv8jRUQuwu%2FuuIhzPr00QN%2FXB4u185IwZu6MGYokFU1ur7zne15H%2F9MRuEbksYxhcYf9BJlUUOHr5U7FAnOzFd3v9PGj00w3S3atbd9cKSvuFyW%2FS4DFAO4GAihcBLnYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2cb574abc-FRA
expires
Tue, 22 Jun 2021 15:45:10 GMT
exclamation.png
static.paste2.org/templates/paste2/img/
538 B
1 KB
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/exclamation.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40cf7a6236597089d1fafe6b6acdcb8262308f3620a881d5e9d8f1309f048ad

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14381
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
538
cf-request-id
0ac0ec2bc400004abc02b4a000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-21a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GcDMtTbldn5OiFdTMeFigiP2QjLfNQDfTg6j5mGIcKm3Xs3iubo7BYpZ5bfa9bNu9m01uakQnxXM7f8OE3hZThu%2B3c9nE8%2BEEx2hDh1rhxc8abLJwMdhy%2BuauempP%2FEDUqhx74nakzIqQbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2cb5a4abc-FRA
expires
Fri, 25 Jun 2021 09:32:01 GMT
gh-icons.png
static.paste2.org/templates/paste2/img/
4 KB
4 KB
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/gh-icons.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018c7d12a799726510b7d6e7ce4a18023b3f70aded8102d3cdee725f34175658

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8507
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3948
cf-request-id
0ac0ec2bc400004abcc7aeb000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-f6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BPADkAghNpQrxkn0agz4tn5mhn%2BQ7%2FO3Xu0eTiUK4q3lDBcvfYq2BCdH4Yf86q%2BxvhaywwMpfDwTjEjxCLF2m3J7%2BtyVEp5d7Sa5z%2FGEJz7a1m%2BFMEah3qAtVhgOgyrWn4Ba7NxYcMjJ5K0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2f2cb674abc-FRA
expires
Fri, 25 Jun 2021 11:09:55 GMT
/
stats.paste2.org/
10 B
1 KB
Script
General
Full URL
https://stats.paste2.org/?record&key=316a3031445348786e33323034324a4275736159614d6e36455731&referer=&resource=https%3A//paste2.org/&resource_title=Paste2.org%20-%20New%20Paste&resource_title_encoded=0&resolution=1600x1200&flash_version=0&1624023177482&serve_js
Requested by
Host: stats.paste2.org
URL: https://stats.paste2.org/?js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58382cb440b07f3c2af18a9bfbe1a185e5bac1e05fe00d1c6a65e41fde847eeb

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI NID ADMa OUR IND COM NAV STA LOC"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac0ec310d00004abcf087a000000001
pragma
no-cache
last-modified
Fri, 18 Jun 2021 13:31:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wzCdzRX2OTNVTcSjdG2%2B6zfC7G63mR%2BnmWwCFlNnAfUX5vL5HCbVrqUhXnK%2BOHdAgMamgVsUsD4uv%2B1nM%2BhN9u5PBl0Y%2Bx8ER5fjoaFjy5cdpZTDj2UzF5Fjv7GRxdwVAf%2BfOQww6aXe2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6614e2fb4f394abc-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
paste2-compiled.js
static.paste2.org/templates/paste2/js/
127 KB
39 KB
Script
General
Full URL
https://static.paste2.org/templates/paste2/js/paste2-compiled.js?1
Requested by
Host: paste2.org
URL: https://paste2.org/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00cf6e7d2c6e5c82dc45c40c95e4af199d0a78ec5d3b209f2c747430c80f788a

Request headers

Referer
https://paste2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
62461
cf-polished
origSize=130392
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac0ec310d00004abcd22ec000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
W/"54c3e753-1fd58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E4wE7pmsybK%2Fxp0HuXk5e%2FDHaebUeLCVYcC7ZwrXUUB9yWG8hldEVAG2wSiQBDphpTO1SgUXPZO6UxHZAKptCuYYZ6y5upftALFycQzWe3Uvrc9Y%2BpirGZ4jskdXN7j5lyE%2F4xGE8eP6ZHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
6614e2fb4f3b4abc-FRA
expires
Thu, 24 Jun 2021 20:10:41 GMT
select.png
static.paste2.org/templates/paste2/img/
316 B
945 B
Image
General
Full URL
https://static.paste2.org/templates/paste2/img/select.png
Requested by
Host: static.paste2.org
URL: https://static.paste2.org/templates/paste2/css/paste2-compiled.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb263a5011b340d346a85642957957653441e6cbd204d7e7d013678ca2859a84

Request headers

Referer
https://static.paste2.org/templates/paste2/css/paste2-compiled.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:32:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14041
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
316
cf-request-id
0ac0ec313e00004abcdb3c5000000001
last-modified
Sat, 24 Jan 2015 18:41:23 GMT
server
cloudflare
etag
"54c3e753-13c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9y80zBQUhJcC3NlucSx6np2bzjCqtP6sMiRbQw%2Benc3GGdN2Fi%2BI5F2aHWuZIx5K7cb3toyNThVqz1efUhkiS2OdJgxMicfhWGHRsmWarpkd8H3QAdoSFkFNZJXyjVfXeq4XmsT2aXfKl7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6614e2fb9ff04abc-FRA
expires
Fri, 25 Jun 2021 09:37:41 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| __cfQR
function| downloadJSAtOnload
object| Mint
string| Mint_SI_DocumentTitle
boolean| __cfRLUnblockHandlers
function| $
function| jQuery
function| Sizzle
function| checkAllPrettyCheckboxes
object| s
object| c
object| $this

0 Cookies