a competitor site to pastebin
What web site isn't? The whole point of HTTP is retrieving data. Depending on payload size, decoder size, and amount of work the attacker wants to go through, the payload could be disguised as nearly anything on nearly any site.
How many abandoned blogs are out there with unmonitored, open comment functions?
Hell, just encode the payload as a GIF or PNG and stash it on an image-sharing site. (Other formats work as well, of course, but GIF and PNG are probably the simplest of the common image formats to work with.)
This is clearly a low-hanging-fruit recommendation, but it does so little to prune the attack tree that it hardly seems worthwhile. I never use Pastebin, and I can't see much value in blocking it.