paste2.org
Open in
urlscan Pro
2606:4700:3036::6815:4b30
Malicious Activity!
Public Scan
Effective URL: https://paste2.org/
Submission: On June 18 via api from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.
This is the only time paste2.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 7 | 2606:4700:303... 2606:4700:3036::6815:4b30 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:a823 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 2606:4700:303... 2606:4700:3030::ac43:d5c4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 3 |
ASN13335 (CLOUDFLARENET, US)
www.paste2.org | |
paste2.org | |
static.paste2.org | |
stats.paste2.org |
ASN13335 (CLOUDFLARENET, US)
static.paste2.org | |
stats.paste2.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
paste2.org
2 redirects
www.paste2.org paste2.org static.paste2.org stats.paste2.org |
77 KB |
1 |
cloudflare.com
ajax.cloudflare.com |
5 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
10 | static.paste2.org |
paste2.org
static.paste2.org |
2 | stats.paste2.org |
ajax.cloudflare.com
stats.paste2.org |
2 | www.paste2.org | 2 redirects |
1 | ajax.cloudflare.com |
paste2.org
|
1 | paste2.org | |
14 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-23 - 2021-07-23 |
a year | crt.sh |
ajax.cloudflare.com DigiCert ECC Secure Server CA |
2020-08-11 - 2022-08-16 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://paste2.org/
Frame ID: 4665EE134BC76F5AB49B18F079415D9F
Requests: 14 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.paste2.org/
HTTP 301
https://www.paste2.org/ HTTP 301
https://paste2.org/ Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.paste2.org/
HTTP 301
https://www.paste2.org/ HTTP 301
https://paste2.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
paste2.org/ Redirect Chain
|
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paste2-compiled.css
static.paste2.org/templates/paste2/css/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
static.paste2.org/templates/paste2/pygments/ |
2 KB 838 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
follow_us-a.png
static.paste2.org/templates/paste2/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
stats.paste2.org/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
stars.png
static.paste2.org/templates/paste2/img/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo.png
static.paste2.org/templates/paste2/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
tab_inactive.png
static.paste2.org/templates/paste2/img/ |
201 B 869 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
exclamation.png
static.paste2.org/templates/paste2/img/ |
538 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gh-icons.png
static.paste2.org/templates/paste2/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
/
stats.paste2.org/ |
10 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
paste2-compiled.js
static.paste2.org/templates/paste2/js/ |
127 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
select.png
static.paste2.org/templates/paste2/img/ |
316 B 945 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __cfQR function| downloadJSAtOnload object| Mint string| Mint_SI_DocumentTitle boolean| __cfRLUnblockHandlers function| $ function| jQuery function| Sizzle function| checkAllPrettyCheckboxes object| s object| c object| $this0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
paste2.org
static.paste2.org
stats.paste2.org
www.paste2.org
2606:4700:3030::ac43:d5c4
2606:4700:3036::6815:4b30
2606:4700::6810:a823
00cf6e7d2c6e5c82dc45c40c95e4af199d0a78ec5d3b209f2c747430c80f788a
018c7d12a799726510b7d6e7ce4a18023b3f70aded8102d3cdee725f34175658
3f6ed6c77136bfaa252d64caaa88f63280f460218c27393be437a998dc2ebc48
566098613acad5b57a11c678f23ba7b20fdf3070e5f20101fc3ec7ff544d76b4
58382cb440b07f3c2af18a9bfbe1a185e5bac1e05fe00d1c6a65e41fde847eeb
5c1674da0ebe24996f0a48fea8982d47402333d12638ad5c6c7bbe3de606bc23
88a84135c66ef1121cf4739622bd7dff598f7811b483c0d8e710cbb27a01f4be
8be54d1c4f478da6feb94528597f7471a50bc11b603411d3a4782bc71c78ae19
ae365ebd33969b398d8f47b780af0c4a95ba6887bc2860fa35587e8e372f3335
b39dd856be2f311c6279b64c08f0dd4f1d87be33aaa1480f0848c3d637ecc521
b40cf7a6236597089d1fafe6b6acdcb8262308f3620a881d5e9d8f1309f048ad
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e48dad69eba31f3ce752b7984349be85f600858fae2ede9c3cf64a4515dbc960
fb263a5011b340d346a85642957957653441e6cbd204d7e7d013678ca2859a84