Submitted URL: http://paste.ulvis.net/
Effective URL: https://pastebin.ulvis.net/
Submission: On August 12 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3031::681c:1efa, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.ulvis.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.
This is the only time pastebin.ulvis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 5.9.10.165 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 7
Domain Requested by
13 pastebin.ulvis.net 1 redirects pastebin.ulvis.net
ajax.cloudflare.com
2 www.google-analytics.com 1 redirects googletagmanager.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 code.jquery.com ajax.cloudflare.com
1 googletagmanager.com ajax.cloudflare.com
1 ad.a-ads.com pastebin.ulvis.net
1 ajax.cloudflare.com pastebin.ulvis.net
1 paste.ulvis.net 1 redirects
18 10

This site contains links to these domains. Also see Links.

Domain
ulvis.net
whois.ulvis.net
sreenshot.ulvis.net
chat.ulvis.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-10 -
2021-07-10
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
*.a-ads.com
COMODO RSA Domain Validation Secure Server CA
2018-11-14 -
2020-12-09
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
www.google.de
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh

This page contains 2 frames:

Primary Page: https://pastebin.ulvis.net/
Frame ID: F0A24AE97C852E494CCEE398B12DB5EE
Requests: 17 HTTP requests in this frame

Frame: https://ad.a-ads.com/1120283?size=120x90
Frame ID: 81403656370CE13900EF4778695C050E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://paste.ulvis.net/ HTTP 301
    http://pastebin.ulvis.net/ HTTP 301
    https://pastebin.ulvis.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

141 kB
Transfer

424 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paste.ulvis.net/ HTTP 301
    http://pastebin.ulvis.net/ HTTP 301
    https://pastebin.ulvis.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1753403335&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.ulvis.net%2F&ul=en-us&de=UTF-8&dt=Add%20paste%20-%20pastebin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1793636261&gjid=21165318&cid=1524604617.1597212030&tid=UA-74212407-1&_gid=1373995386.1597212030&_r=1&gtm=2ou871&z=16855016 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_gid=1373995386.1597212030&gjid=21165318&_v=j83&z=16855016 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016&slf_rd=1&random=3981295886

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pastebin.ulvis.net/
Redirect Chain
  • http://paste.ulvis.net/
  • http://pastebin.ulvis.net/
  • https://pastebin.ulvis.net/
13 KB
4 KB
Document
General
Full URL
https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
42e0f6c7db79cb2291bce5a0a75a3bb35f177150e19deed0e688de59c1a143ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pastebin.ulvis.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 12 Aug 2020 06:00:29 GMT
content-type
text/html
set-cookie
__cfduid=d419d648264dea0746c87a8eecc15017c1597212029; expires=Fri, 11-Sep-20 06:00:29 GMT; path=/; domain=.ulvis.net; HttpOnly; SameSite=Lax; Secure
x-frame-options
SAMEORIGIN
x-powered-by
PHP/5.3.29
cache-control
max-age=864000
expires
Sat, 22 Aug 2020 06:00:29 GMT
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
cf-request-id
0482da895b00001f359b3f9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
5c17f9eef8661f35-FRA
content-encoding
br

Redirect headers

Date
Wed, 12 Aug 2020 06:00:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 12 Aug 2020 07:00:29 GMT
Location
https://pastebin.ulvis.net/
cf-request-id
0482da89300000324000351200000001
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
5c17f9eebe983240-FRA
style.css
pastebin.ulvis.net/themes/bootstrap/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/style/style.css
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f660f6895fa2f6271dc294739cb6d94fa178e41092911d320053fee7f8fba8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
83102
cf-polished
origSize=6668
status
200
strict-transport-security
max-age=0; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 12:19:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3901bcc-1a0c-59b2735036cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
expires
Tue, 18 Aug 2020 06:55:27 GMT
cache-control
max-age=604800
cf-request-id
0482da8a8900001f359b00b200000001
cf-ray
5c17f9f0dc861f35-FRA
cf-bgj
minify
bootstrap.css
pastebin.ulvis.net/themes/bootstrap/style/
102 KB
16 KB
Stylesheet
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/style/bootstrap.css
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04959fb2393aff3fb54b2c2ea2ad9cc91307b6018cb7f40959393fbaa7120beb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
468160
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-request-id
0482da8a8900001f359b00c200000001
referrer-policy
no-referrer
last-modified
Tue, 31 Dec 2019 00:54:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3901bc5-1967d-59af566728700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cf-bgj
minify
x-xss-protection
1; mode=block
cache-control
max-age=604800
cf-ray
5c17f9f0dc8a1f35-FRA
expires
Thu, 13 Aug 2020 19:57:48 GMT
bootstrap-responsive.css
pastebin.ulvis.net/themes/bootstrap/style/
16 KB
4 KB
Stylesheet
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/style/bootstrap-responsive.css
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94a9ca79c19b253d837b77a5771da4d0dec8b1824bd656872206a886874864e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
468160
cf-polished
origSize=21750
status
200
strict-transport-security
max-age=0; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 31 Dec 2019 00:36:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3901bc2-54f6-59af52856de80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
expires
Thu, 13 Aug 2020 19:57:48 GMT
cache-control
max-age=604800
cf-request-id
0482da8a8900001f359b00d200000001
cf-ray
5c17f9f0dc8c1f35-FRA
cf-bgj
minify
nl.png
pastebin.ulvis.net/themes/bootstrap/img/flag/
946 B
1 KB
Image
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/img/flag/nl.png
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e611d600c8dd29952a3590686f286b6709eda008b74bb4b4a059651cb971c199
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1685636
status
200
vary
Accept-Encoding
content-length
946
cf-request-id
0482da8a8a00001f359b00e200000001
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3901b9e-3b2-59b26ac19fc80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c17f9f0dc8d1f35-FRA
expires
Sat, 22 Aug 2020 17:46:33 GMT
en.png
pastebin.ulvis.net/themes/bootstrap/img/flag/
1 KB
1 KB
Image
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/img/flag/en.png
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1685636
status
200
vary
Accept-Encoding
content-length
1177
cf-request-id
0482da8a8b00001f359b00f200000001
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3901b98-499-59b26ac19fc80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c17f9f0dc8f1f35-FRA
expires
Sat, 22 Aug 2020 17:46:33 GMT
fr.png
pastebin.ulvis.net/themes/bootstrap/img/flag/
536 B
650 B
Image
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/img/flag/fr.png
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1685636
status
200
vary
Accept-Encoding
content-length
536
cf-request-id
0482da8a8b00001f359b010200000001
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3901b99-218-59b26ac19fc80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c17f9f0dc901f35-FRA
expires
Sat, 22 Aug 2020 17:46:33 GMT
ru.png
pastebin.ulvis.net/themes/bootstrap/img/flag/
403 B
540 B
Image
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/img/flag/ru.png
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1685636
status
200
vary
Accept-Encoding
content-length
403
cf-request-id
0482da8a8b00001f359b011200000001
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3901b9f-193-59b26ac293ec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c17f9f0dc921f35-FRA
expires
Sat, 22 Aug 2020 17:46:33 GMT
create_image.php
pastebin.ulvis.net/libs/captcha/
1 KB
2 KB
Image
General
Full URL
https://pastebin.ulvis.net/libs/captcha/create_image.php
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
e17f8da77e3588b755dd294d8eb566770a329ae3954ff857cbf02e6c1f2499e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
PHP/5.3.29
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-request-id
0482da8a8b00001f359b012200000001
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
5c17f9f0dc931f35-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 05 Aug 2020 10:00:12 GMT
server
cloudflare
etag
W/"5f2a832c-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5c17f9f0f87205d4-FRA
cf-request-id
0482da8a9e000005d4c53dd200000001
expires
Fri, 14 Aug 2020 06:00:29 GMT
1120283
ad.a-ads.com/ Frame 8140
0
0
Document
General
Full URL
https://ad.a-ads.com/1120283?size=120x90
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 12 Aug 2020 06:00:29 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
Content-Encoding
gzip
glyphicons-halflings.png
pastebin.ulvis.net/themes/bootstrap/img/
12 KB
13 KB
Image
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/img/glyphicons-halflings.png
Requested by
Host: pastebin.ulvis.net
URL: https://pastebin.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1685636
status
200
vary
Accept-Encoding
content-length
12799
cf-request-id
0482da8aa300001f359b015200000001
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3901ba2-31ff-59b26abdcf380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c17f9f10cea1f35-FRA
expires
Sat, 22 Aug 2020 17:46:33 GMT
js
googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://googletagmanager.com/gtag/js?id=UA-74212407-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c676fd3e9e1087450b0364aa48309f66032bfe807e85301670b419faf6bce23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35692
x-xss-protection
0
expires
Wed, 12 Aug 2020 06:00:29 GMT
bootstrap.js
pastebin.ulvis.net/themes/bootstrap/js/
31 KB
8 KB
Script
General
Full URL
https://pastebin.ulvis.net/themes/bootstrap/js/bootstrap.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af79a789aafcb78a5b904f27d77ebe533c2452d59f93c86526d0fa8a51736fbb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
468160
cf-polished
origSize=58516
status
200
strict-transport-security
max-age=0; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:41:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3901bb4-e494-59b26abfb7800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
expires
Thu, 13 Aug 2020 19:57:49 GMT
cache-control
max-age=604800
cf-request-id
0482da8ae100001f359b019200000001
cf-ray
5c17f9f16dcb1f35-FRA
cf-bgj
minify
ajax_captcha.js
pastebin.ulvis.net/libs/captcha/
1 KB
698 B
Script
General
Full URL
https://pastebin.ulvis.net/libs/captcha/ajax_captcha.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1efa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28a924da577936663b6de1d56027415a991c1095fc05989b93df51c58d042b1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
430144
cf-polished
origSize=2119
status
200
strict-transport-security
max-age=0; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 02 Jan 2020 11:40:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3901973-847-59b26a9a86040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
expires
Fri, 14 Aug 2020 06:31:25 GMT
cache-control
max-age=604800
cf-request-id
0482da8ae100001f359b01a200000001
cf-ray
5c17f9f16dce1f35-FRA
cf-bgj
minify
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:00:29 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
status
200
etag
"54499a48-1762a"
vary
Accept-Encoding
x-hw
1597212029.dop236.fr8.t,1597212029.cds232.fr8.hc,1597212029.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
33202
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: googletagmanager.com
URL: https://googletagmanager.com/gtag/js?id=UA-74212407-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
2689
date
Wed, 12 Aug 2020 05:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 12 Aug 2020 07:15:40 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1753403335&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.ulvis.net%2F&ul=en-us&de=UTF-8&dt=Add%20paste%20-%20pastebin&sd=24-bit&sr=1600x1200&vp=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_gid=1373995386.1597212030&gjid=21165318&_v=j83&z=16855016
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016&slf_rd=1&random=3981295886
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016&slf_rd=1&random=3981295886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Aug 2020 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1524604617.1597212030&jid=1793636261&_v=j83&z=16855016&slf_rd=1&random=3981295886
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery boolean| http_request function| makeRequest function| alertContents function| get function| refreshimg object| jQuery111106974136195387226 function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
pastebin.ulvis.net/ Name: PHPSESSID
Value: 130be2b8ef9adfadbb78ecb4fcd35c75
.ulvis.net/ Name: __cfduid
Value: d419d648264dea0746c87a8eecc15017c1597212029

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.cloudflare.com
code.jquery.com
googletagmanager.com
paste.ulvis.net
pastebin.ulvis.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
2001:4de0:ac19::1:b:1a
2606:4700:3031::681c:1efa
2606:4700:3033::681c:1ffa
2606:4700::6810:a723
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9c
5.9.10.165
04959fb2393aff3fb54b2c2ea2ad9cc91307b6018cb7f40959393fbaa7120beb
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
42e0f6c7db79cb2291bce5a0a75a3bb35f177150e19deed0e688de59c1a143ce
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
7f660f6895fa2f6271dc294739cb6d94fa178e41092911d320053fee7f8fba8a
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
af79a789aafcb78a5b904f27d77ebe533c2452d59f93c86526d0fa8a51736fbb
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
c676fd3e9e1087450b0364aa48309f66032bfe807e85301670b419faf6bce23b
c94a9ca79c19b253d837b77a5771da4d0dec8b1824bd656872206a886874864e
d28a924da577936663b6de1d56027415a991c1095fc05989b93df51c58d042b1
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
e17f8da77e3588b755dd294d8eb566770a329ae3954ff857cbf02e6c1f2499e5
e611d600c8dd29952a3590686f286b6709eda008b74bb4b4a059651cb971c199
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955