urlscan.io logo urlscan.io
SecurityTrails logo

paste.ulvis.net Open in urlscan Pro
2606:4700:30::681c:1ffa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paste.ulvis.net/
Effective URL: https://paste.ulvis.net/
Submission: On May 18 via manual from LV
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681c:1ffa, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is paste.ulvis.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 9th 2019. Valid for: a year.
This is the only time paste.ulvis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
12 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 176.9.125.108 24940 (HETZNER-AS)
1 205.185.208.52 20446 (HIGHWINDS3)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 6
1    2606:4700:30::681c:1efa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
paste.ulvis.net
12    2606:4700:30::681c:1ffa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
paste.ulvis.net
1    2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
1    176.9.125.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.108.125.9.176.clients.your-server.de
ad.a-ads.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
2    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
13 paste.ulvis.net 1 redirects paste.ulvis.net
ajax.cloudflare.com
2 ssl.google-analytics.com 1 redirects paste.ulvis.net
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 code.jquery.com ajax.cloudflare.com
1 ad.a-ads.com paste.ulvis.net
1 ajax.cloudflare.com paste.ulvis.net
17 8

This site contains links to these domains. Also see Links.

Domain
ulvis.net
whois.ulvis.net
sreenshot.ulvis.net
chat.ulvis.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-04-09 -
2020-04-09		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-02 -
2019-09-08		 6 months crt.sh
*.a-ads.com
COMODO RSA Domain Validation Secure Server CA		 2018-11-14 -
2020-12-09		 2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://paste.ulvis.net/
Frame ID: ADA5A18A0C8A3684D5CF5EAD9EF61182
Requests: 16 HTTP requests in this frame

Frame: https://ad.a-ads.com/1120283?size=120x90
Frame ID: 2DAC0570745AE54786FBC85B95535381
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paste.ulvis.net/ HTTP 301
    https://paste.ulvis.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

17
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

105 kB
Transfer

340 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paste.ulvis.net/ HTTP 301
    https://paste.ulvis.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1321285380&utmhn=paste.ulvis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Add%20paste%20-%20ulvis.paste.net&utmhid=996264060&utmr=-&utmp=%2F&utmht=1558210552026&utmac=UA-74212407-1&utmcc=__utma%3D144420788.1964297695.1558210552.1558210552.1558210552.1%3B%2B__utmz%3D144420788.1558210552.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2011842668&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380&slf_rd=1&random=3424797174

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paste.ulvis.net/
Redirect Chain
  • http://paste.ulvis.net/
  • https://paste.ulvis.net/
18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
0bbc24b8287cf7575126f3ff06c4aeec3b830ad6a9cfc5d3743fbaef6cf51e55
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:method
GET
:authority
paste.ulvis.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 18 May 2019 20:15:51 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d75c57e389cbfd796f9807628bd73b7a11558210551; expires=Sun, 17-May-20 20:15:51 GMT; path=/; domain=.ulvis.net; HttpOnly; Secure
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block 1; mode=block
x-powered-by
PHP/5.3.29
cache-control
max-age=604800
expires
Sat, 25 May 2019 20:15:51 GMT
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-robots-tag
none
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
strict-transport-security
max-age=0; includeSubDomains
x-cache
MISS from shluota
x-cache-lookup
MISS from shluota:3128
via
1.1 shluota (squid)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d90816c1ae7c2ea-FRA
content-encoding
br

Redirect headers

Date
Sat, 18 May 2019 20:15:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 18 May 2019 21:15:51 GMT
Location
https://paste.ulvis.net/
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4d90816bcc649778-FRA
style.css
paste.ulvis.net/themes/bootstrap/style/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/themes/bootstrap/style/style.css
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4018363b9ac32caec747db7e69edbb551a3ab153267f9fa939617317c1340f30
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-polished
origSize=6050
cf-ray
4d90816cdcc9c2ea-FRA
x-cache
MISS from shluota
status
200
cf-bgj
minify
content-encoding
br
cf-cache-status
HIT
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Sat, 18 May 2019 10:14:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
etag
W/"3922e09-17a2-58926c3685422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-download-options
noopen
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
max-age=604800
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:36 GMT
bootstrap.css
paste.ulvis.net/themes/bootstrap/style/ 		102 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/themes/bootstrap/style/bootstrap.css
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92660a1c7eba1c0dabf9a8a49ec88b79fba73e947cf6571bc99236f009d99b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-polished
origSize=126544
cf-ray
4d90816cdccac2ea-FRA
x-cache
MISS from shluota
status
200
cf-bgj
minify
content-encoding
br
cf-cache-status
HIT
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Sat, 18 May 2019 10:13:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
etag
W/"3922dff-1ee50-58926c013ce05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-download-options
noopen
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
max-age=604800
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:36 GMT
bootstrap-responsive.css
paste.ulvis.net/themes/bootstrap/style/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/themes/bootstrap/style/bootstrap-responsive.css
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d998d0f93c3c92ca0f0c5f70679287bf753424cca50f6044f2589f3d3b843ff1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-polished
origSize=21787
cf-ray
4d90816cdcccc2ea-FRA
x-cache
MISS from shluota
status
200
cf-bgj
minify
content-encoding
br
cf-cache-status
HIT
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 12 May 2019 09:35:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
etag
W/"3922dfd-551b-588ad86dedbb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-download-options
noopen
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
max-age=604800
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:36 GMT
nl.png
paste.ulvis.net/themes/bootstrap/img/flag/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/themes/bootstrap/img/flag/nl.png
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e611d600c8dd29952a3590686f286b6709eda008b74bb4b4a059651cb971c199
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-ray
4d90816cdccec2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
content-length
946
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:24 GMT
server
cloudflare
etag
"392309f-3b2-5762b16f457e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, DENY
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:37 GMT
en.png
paste.ulvis.net/themes/bootstrap/img/flag/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/themes/bootstrap/img/flag/en.png
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-ray
4d90816cdcd1c2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
content-length
1177
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:24 GMT
server
cloudflare
etag
"392304c-499-5762b16f16209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, DENY
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:37 GMT
fr.png
paste.ulvis.net/themes/bootstrap/img/flag/ 		536 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/themes/bootstrap/img/flag/fr.png
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-ray
4d90816cdcd2c2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
content-length
536
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:24 GMT
server
cloudflare
etag
"3923079-218-5762b16f21d8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, DENY
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:36 GMT
ru.png
paste.ulvis.net/themes/bootstrap/img/flag/ 		403 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/themes/bootstrap/img/flag/ru.png
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-ray
4d90816cdcd3c2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
content-length
403
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:24 GMT
server
cloudflare
etag
"392366d-193-5762b16f6a1db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, DENY
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:37 GMT
create_image.php
paste.ulvis.net/libs/captcha/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/libs/captcha/create_image.php
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
49de0e8dce88e5d023e8fab216434901ced95150d97a657d2bf014cbe408b62b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
x-powered-by
PHP/5.3.29
cf-ray
4d90816cdcd5c2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
x-download-options
noopen
content-type
image/jpeg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
none
expires
Thu, 19 Nov 1981 08:52:00 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2019 18:46:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5cdb0d1a-2ef5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4d90816cdca0bee7-FRA
expires
Mon, 20 May 2019 20:15:51 GMT
1120283
ad.a-ads.com/ Frame 2DAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1120283?size=120x90
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 18 May 2019 20:15:51 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
Content-Encoding
gzip
bootstrap.js
paste.ulvis.net/themes/bootstrap/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/themes/bootstrap/js/bootstrap.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af79a789aafcb78a5b904f27d77ebe533c2452d59f93c86526d0fa8a51736fbb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-polished
origSize=58516
cf-ray
4d90816cfd0bc2ea-FRA
x-cache
MISS from shluota
status
200
cf-bgj
minify
content-encoding
br
cf-cache-status
HIT
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
etag
W/"3922d52-e494-5762b16c918fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-download-options
noopen
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
x-robots-tag
none
expires
Mon, 17 Jun 2019 11:18:37 GMT
ajax_captcha.js
paste.ulvis.net/libs/captcha/ 		1 KB
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.ulvis.net/libs/captcha/ajax_captcha.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28a924da577936663b6de1d56027415a991c1095fc05989b93df51c58d042b1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-polished
origSize=2119
cf-ray
4d90816cfd0cc2ea-FRA
x-cache
MISS from shluota
status
200
cf-bgj
minify
content-encoding
br
cf-cache-status
HIT
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:24:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, DENY
etag
W/"3920343-847-5762b149247b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-download-options
noopen
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
x-robots-tag
none
expires
Mon, 17 Jun 2019 11:18:37 GMT
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 18 May 2019 20:15:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-1762a"
Vary
Accept-Encoding
X-HW
1558210551.dop090.lo4.shc,1558210551.dop090.lo4.t,1558210551.cds055.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33202
glyphicons-halflings.png
paste.ulvis.net/themes/bootstrap/img/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.ulvis.net/themes/bootstrap/img/glyphicons-halflings.png
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1ffa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 18 May 2019 20:15:51 GMT
via
1.1 shluota (squid)
x-content-type-options
nosniff
x-cache-lookup
MISS from shluota:3128
x-permitted-cross-domain-policies
none
cf-ray
4d90816d0d3cc2ea-FRA
x-cache
MISS from shluota
status
200
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
content-length
12799
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Sep 2018 20:25:20 GMT
server
cloudflare
etag
"3922a82-31ff-5762b16b46bbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, DENY
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 25 May 2019 11:18:37 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: paste.ulvis.net
URL: https://paste.ulvis.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
3549
date
Sat, 18 May 2019 19:16:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Sat, 18 May 2019 21:16:42 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1321285380&utmhn=paste.ulvis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Add%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380&slf_rd=1&random=3424797174
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380&slf_rd=1&random=3424797174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 May 2019 20:15:52 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 May 2019 20:15:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74212407-1&cid=1964297695.1558210552&jid=2011842668&_v=5.7.2&z=1321285380&slf_rd=1&random=3424797174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| __cfQR function| $ function| jQuery boolean| http_request function| makeRequest function| alertContents function| get function| refreshimg object| jQuery111108899576795267532 object| _gaq boolean| __cfRLUnblockHandlers object| _gat object| gaGlobal

2 Cookies

Domain/Path Name / Value
paste.ulvis.net/ Name: PHPSESSID
Value: 29e8c6511df79a160a73acaf93416e66
.ulvis.net/ Name: __cfduid
Value: d75c57e389cbfd796f9807628bd73b7a11558210551

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.cloudflare.com
code.jquery.com
paste.ulvis.net
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
176.9.125.108
205.185.208.52
2606:4700:30::681c:1efa
2606:4700:30::681c:1ffa
2606:4700::6813:c497
2a00:1450:4001:808::2003
2a00:1450:4001:814::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c08::9b
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
0bbc24b8287cf7575126f3ff06c4aeec3b830ad6a9cfc5d3743fbaef6cf51e55
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
4018363b9ac32caec747db7e69edbb551a3ab153267f9fa939617317c1340f30
49de0e8dce88e5d023e8fab216434901ced95150d97a657d2bf014cbe408b62b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
6d92660a1c7eba1c0dabf9a8a49ec88b79fba73e947cf6571bc99236f009d99b
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
af79a789aafcb78a5b904f27d77ebe533c2452d59f93c86526d0fa8a51736fbb
d28a924da577936663b6de1d56027415a991c1095fc05989b93df51c58d042b1
d998d0f93c3c92ca0f0c5f70679287bf753424cca50f6044f2589f3d3b843ff1
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
e611d600c8dd29952a3590686f286b6709eda008b74bb4b4a059651cb971c199
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629