Report - zpaste.net/p/lq6jl

Report Overview

URL

zpaste.net/p/lq6jl
IP

172.67.166.185

ASN

#13335 CLOUDFLARENET
Submitted

2023-06-05T23:23:56Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

10
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
www.cdn4ads.com (1)	105393	2020-04-19 22:21:04	2023-06-05 14:43:26	438	34032	185.76.9.21
p.cpx.to (1)	10368	2015-01-23 02:00:57	2023-06-05 08:20:25	399	4544	52.48.155.118
lllpg.com (1)	9350	2020-06-28 04:46:32	2023-05-19 15:01:09	385	625	0.0.0.0
lteqkba5etv9.l4.adsco.re (1)	unknown	No data	No data	448	462	185.200.118.90
lteqkba5etv9.n4.adsco.re (1)	unknown	No data	No data	448	462	38.132.109.186
gdpr-web-dau-prod.privacymanager.io (1)	22129	2020-04-11 05:39:09	2023-06-05 15:50:03	581	590	54.230.111.68
zpaste.net (1)	unknown	2019-11-19 02:58:44	2023-06-03 17:10:17	390	648	172.67.166.185
hb.brainlyads.com (3)	14608	2019-02-04 07:35:10	2023-06-05 18:28:22	1308	657165	23.20.158.212
a.ad.gt (1)	4743	2016-10-18 11:16:34	2023-06-05 05:17:31	580	11342	172.67.23.234
6.adsco.re (2)	17812	2018-01-15 05:15:29	2023-06-05 11:23:52	825	859	104.17.167.186
ocsp.r2m02.amazontrust.com (1)	unknown	2022-10-12 16:01:39	2023-06-05 12:51:11	340	942	54.230.80.227
pixel.zprk.io (1)	15094	2018-07-19 02:31:43	2023-06-05 18:59:15	419	3230	3.92.34.107
c.adsco.re (2)	16577	2017-11-29 19:42:15	2023-06-05 11:23:51	894	109887	104.17.166.186
www.googletagmanager.com (1)	75	2013-05-22 04:07:37	2023-06-05 11:14:29	427	122797	142.250.74.168
www.zpaste.net (19)	unknown	2019-11-19 03:37:48	2023-06-03 22:11:07	20390	1034981	104.21.91.46
ocsp.pki.goog (5)	175	2018-07-01 08:43:07	2023-06-05 05:09:10	1665	3495	142.250.74.131
ocsp.godaddy.com (3)	698	2012-05-20 21:28:57	2023-06-05 05:09:32	990	6857	192.124.249.41
adsco.re (1)	8541	2017-04-03 05:11:30	2023-06-05 11:23:52	436	1869	162.252.214.5
talcoidsakis.com (1)	unknown	2023-02-09 09:45:54	2023-06-03 17:09:58	403	1210	23.109.248.169
www.gstatic.com (6)	unknown	2016-07-26 11:37:06	2023-06-05 12:30:19	2879	554927	142.250.74.35
geo.privacymanager.io (2)	1624	2020-06-25 10:24:46	2023-06-05 10:24:48	995	1506	54.230.111.95
zplayer.live (1)	305196	2020-05-09 04:23:33	2023-05-28 01:27:16	436	0	0.0.0.0
gdpr.privacymanager.io (1)	14930	2020-05-19 11:29:43	2023-06-05 15:50:01	416	140777	54.230.111.63
ads.vidoomy.com (1)	21161	2017-10-13 17:24:41	2023-06-05 21:11:47	410	5208	3.19.54.139
reporting.powerad.ai (2)	16302	2020-10-15 01:30:12	2023-06-05 18:59:15	892	808	54.234.151.247
cdn4ads.com (1)	46207	2020-04-19 22:21:04	2023-06-05 14:43:27	1251	1552	216.59.63.128
4.adsco.re (2)	19179	2021-01-04 17:47:52	2023-06-05 11:23:52	811	873	162.252.214.5
lteqkba5etv9.s4.adsco.re (1)	unknown	No data	No data	448	462	185.200.116.90
s.cpx.to (1)	2014	2014-10-25 15:31:28	2023-06-05 08:16:24	655	453	54.73.222.239
gdpr-wrapper.privacymanager.io (2)	13767	2020-05-19 11:29:43	2023-06-05 15:50:01	1044	424454	54.230.111.47
challenges.cloudflare.com (1)	unknown	2021-10-20 07:02:03	2023-06-05 13:13:24	631	47588	104.18.7.185
ocsp.sectigo.com (5)	487	2019-11-29 12:50:24	2023-06-05 13:50:27	1650	4818	104.18.14.101
powerad.ai (4)	41942	2018-12-14 16:50:58	2023-06-05 18:59:14	1748	220365	35.174.93.62
zshorte.net (2)	unknown	2020-06-19 13:09:56	2023-06-03 17:09:58	828	51148	104.21.89.60
www.google.com (4)	7	2015-05-10 13:11:19	2023-06-05 05:22:18	2392	56711	216.58.211.4
fonts.gstatic.com (1)	unknown	2014-09-09 02:40:21	2023-06-05 13:08:38	513	16177	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-05T23:23:41Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-05T23:23:41Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-05T23:23:42Z	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:42Z	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:42Z	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:42Z	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:42Z	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:42Z	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-05T23:23:43Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-05T23:23:43Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-05	medium	zplayer.live

ThreatFox

No alerts detected

HTTP Transactions (84)

	URL	IP	Response	Size
	zpaste.net/p/lq6jl	172.67.166.185	301 Moved Permanently	0
Search urlquery URL zpaste.net/p/lq6jl DOMAIN zpaste.net FQDN zpaste.net IP 172.67.166.185 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN zpaste.net DOMAIN zpaste.net IP 172.67.166.185 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN zpaste.net DOMAIN zpaste.net IP 172.67.166.185 crt.sh FQDN zpaste.net DOMAIN zpaste.net URL User Request GET HTTP/1.1 zpaste.net/p/lq6jl IP 172.67.166.185:80 ASN #13335 CLOUDFLARENET Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /p/lq6jl HTTP/1.1 Host: zpaste.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 301 Moved Permanently Date: Mon, 05 Jun 2023 23:23:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 06 Jun 2023 00:23:35 GMT Location: http://www.zpaste.net/p/lq6jl Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0C%2FJKJiCM4ttVelnMO6Bz08n8yXfsssJe1bvhQQhRuREk7X7LmTDVdYH7mW1e0aUNuJ8vxRgPHMqLy%2Fdn9Hfjp8SYRRP%2BiabKpTEmlNTl3u6xwSlvzCYIxs%2F6tw"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d2c2a09cfdb0b69-OSL alt-svc: h2=":443"; ma=60

	www.zpaste.net/p/lq6jl	104.21.91.46	403 Forbidden	0
Search urlquery URL www.zpaste.net/p/lq6jl DOMAIN zpaste.net FQDN www.zpaste.net IP 104.21.91.46 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN www.zpaste.net DOMAIN zpaste.net IP 104.21.91.46 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN www.zpaste.net DOMAIN zpaste.net IP 104.21.91.46 crt.sh FQDN www.zpaste.net DOMAIN zpaste.net Fingerprint 49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E URL User Request GET HTTP/3 www.zpaste.net/p/lq6jl IP 104.21.91.46:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectzpaste.net Fingerprint49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E ValiditySun, 16 Apr 2023 23:38:15 GMT - Sat, 15 Jul 2023 23:38:14 GMT Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /p/lq6jl HTTP/1.1 Host: www.zpaste.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 301 Moved Permanently Date: Mon, 05 Jun 2023 23:23:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 06 Jun 2023 00:23:35 GMT Location: https://www.zpaste.net/p/lq6jl Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViTX8GfP%2Fxh%2Fklkah%2FzoSMKowzw14syhHOhVfEmAkBv37T9MF5La%2B48DFt2cUcCVpo1cWmUV8%2FSZQ7NwGwUHuTxyK5MN3m4BjdvehqOvpkVc6IfREPFofWbqwnH8pr44SA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d2c2a0aaa81b4ff-OSL alt-svc: h2=":443"; ma=60

	www.zpaste.net/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c2a0acd15b4fd	172.67.166.185		42
Search urlquery URL www.zpaste.net/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c2a0acd15b4fd DOMAIN zpaste.net FQDN www.zpaste.net IP 172.67.166.185 Hash d89746888da2d9510b64a9f031eaecd5 External sources Mnemonic PDNS FQDN www.zpaste.net DOMAIN zpaste.net IP 172.67.166.185 VirusTotal HASH d5fceb6532643d0d84ffe09c40c481ecdf59e15a FQDN www.zpaste.net DOMAIN zpaste.net IP 172.67.166.185 crt.sh FQDN www.zpaste.net DOMAIN zpaste.net Fingerprint 49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E URL www.zpaste.net/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c2a0acd15b4fd IP 172.67.166.185:0 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectzpaste.net Fingerprint49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E ValiditySun, 16 Apr 2023 23:38:15 GMT - Sat, 15 Jul 2023 23:38:14 GMT Magic GIF image data, version 89a, 1 x 1\012- data Size 42 Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2c2a0acd15b4fd HTTP/1.1 Host: www.zpaste.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.zpaste.net/p/lq6jl DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/3 200 OK date: Mon, 05 Jun 2023 23:23:35 GMT content-type: image/gif content-length: 42 last-modified: Tue, 30 May 2023 15:20:42 GMT etag: "6476144a-2a" server: cloudflare cf-ray: 7d2c2a0d7f14b4fd-OSL x-frame-options: DENY x-content-type-options: nosniff vary: Accept-Encoding expires: Tue, 06 Jun 2023 01:23:35 GMT cache-control: max-age=7200, public accept-ranges: bytes`

	www.zpaste.net/zpaste/assets/img/LogozPaste.png	172.67.166.185	200 OK	22709
Search urlquery URL www.zpaste.net/zpaste/assets/img/LogozPaste.png DOMAIN zpaste.net FQDN www.zpaste.net IP 172.67.166.185 Hash 8248d429409b33ba6ab8c6c7fef1602e External sources Mnemonic PDNS FQDN www.zpaste.net DOMAIN zpaste.net IP 172.67.166.185 VirusTotal HASH f2b70a5db3f631be0fc0ab8c19099f8e04a12462 FQDN www.zpaste.net DOMAIN zpaste.net IP 172.67.166.185 crt.sh FQDN www.zpaste.net DOMAIN zpaste.net Fingerprint 49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E URL GET HTTP/3 www.zpaste.net/zpaste/assets/img/LogozPaste.png IP 172.67.166.185:443 ASN #13335 CLOUDFLARENET Requested by https://www.zpaste.net/p/lq6jl Certificate IssuerLet's Encrypt Subjectzpaste.net Fingerprint49:EF:75:0F:C6:E6:30:97:9A:02:B7:F1:64:0D:D1:00:1C:F1:15:6E ValiditySun, 16 Apr 2023 23:38:15 GMT - Sat, 15 Jul 2023 23:38:14 GMT Magic PNG image data, 226 x 102, 8-bit/color RGBA, non-interlaced\012- data Size 22709 Hash 8248d429409b33ba6ab8c6c7fef1602e f2b70a5db3f631be0fc0ab8c19099f8e04a12462 bb16f8c778a4b834a62395d19defa5731c90b7fb4902ef104d31f5684ee7d5db HTTP Headers GET /zpaste/assets/img/LogozPaste.png HTTP/1.1 Host: www.zpaste.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.zpaste.net/p/lq6jl Cookie: cf_chl_2=fca3d6e2b3dccf7; cf_clearance=OpKNgizvDspoRkoxNRq4z8rggIQToCFYkA6MRRuuivA-1686007415-0-160; XSRF-TOKEN=eyJpdiI6IjNFTEFhN0lZS25QaUdPRUZaVlhFdkE9PSIsInZhbHVlIjoibUdFTnNwV1B3MEdBd0owZW1nbWtPcDhcL2xySnNNcW94VHRnR2Y4dHNhOExsbXNESTAwejNLcjZ2XC9ONG1kb2dVU29EUnRqVExnbkNPZWxPN2lpUko5QT09IiwibWFjIjoiZTBmNDQ5NTc5NjgzNTA5ZDRmZmYzZjg2MzE4YmM2N2M3Mjk5MDQ1YThjYzdmNDRhMTJmODFmNjU4Zjk3ZjIxYiJ9; zpastenet_session=eyJpdiI6IktNcFZYbGtuQ1JaTjMzXC9BYkdYbXVBPT0iLCJ2YWx1ZSI6IjRQVkFxQmVaODdBTE9uVFI4VlQ4aTlIMGM5U2R6dGRnNWVyWUF0RWR2YzJReXczblwvQ1UxaXpPYzhKbzNJK050WlpPWjE5V2ZCQzRUWmVJeFIwcCsxZz09IiwibWFjIjoiMjE2Mjc4ZjUwM2VmZDI5NjQ5ZDRmYTIxNTBmZTNjNDViZGQ4YTEyODY3ZDVmYWJkYTAzY2ZlYzkxNTI1ZDRmYyJ9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Mon, 05 Jun 2023 23:23:40 GMT content-type: image/png content-length: 22709 last-modified: Sat, 14 Dec 2019 07:37:43 GMT x-served-by: www.zpaste.net cache-control: max-age=14400 cf-cache-status: HIT age: 4884 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGEqcjHJvQrIFHYo1t8DZF66BJR%2F6bgdEjQh%2BWxdl5CgFV52Od6PyTz4KK693ydF4HKO1k%2FyNK1nplyJoFryDM2P8nYBsaKUUM%2BbmYIIbDTTViU4Wbtm%2FSLykOBFoBaNDw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d2c2a2c6df1b4fd-OSL alt-svc: h3=":443"; ma=86400

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (214)

#1 JS:Script (size: 2569)

#2 JS:Script (size: 135055)

#3 JS:Script (size: 423369)

#4 JS:Script (size: 25166)

#5 JS:Script (size: 10753)

#6 JS:Script (size: 0)

#7 JS:Script (size: 25)

#8 JS:Script (size: 959)

#9 JS:Script (size: 416797)

#10 JS:Script (size: 253)

#11 JS:Script (size: 128)

#12 JS:Script (size: 61)

#13 JS:Script (size: 38)

#14 JS:Script (size: 126)

#15 JS:Script (size: 122148)

#16 JS:Script (size: 69)

#17 JS:Script (size: 36)

#18 JS:Script (size: 43715)

#19 JS:Script (size: 33360)

#20 JS:Script (size: 61145)

#21 JS:Script (size: 6)

#22 JS:Script (size: 155)

#23 JS:Script (size: 2753)

#24 JS:Script (size: 49252)

#25 JS:Script (size: 37)

#26 JS:Script (size: 61)

#27 JS:Script (size: 3970)

#28 JS:Script (size: 850)

#29 JS:Script (size: 5)

#30 JS:Script (size: 147)

#31 JS:Script (size: 4809)

#32 JS:Script (size: 1257)

#33 JS:Script (size: 2416)

#34 JS:Script (size: 8)

#35 JS:Script (size: 4016)

#36 JS:Script (size: 25)

#37 JS:Script (size: 4356)

#38 JS:Script (size: 1322)

#39 JS:Script (size: 86927)

#40 JS:Script (size: 2962)

#41 JS:Script (size: 2728)

#42 JS:Script (size: 25)

#43 JS:Script (size: 139861)

#44 JS:Script (size: 2728)

#45 JS:Script (size: 610989)

#46 JS:Script (size: 1648)

#47 JS:Script (size: 3843)

#48 JS:Script (size: 79595)

#49 JS:Script (size: 361)

#50 JS:Script (size: 4691)

#51 JS:Script (size: 213213)

#52 JS:Script (size: 25)

#53 JS:Script (size: 25)

#54 JS:Script (size: 181)

#55 JS:Script (size: 79)

#56 JS:Script (size: 10958)