www.heypasteit.com Open in urlscan Pro
2606:4700:3034::ac43:bfa0  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 0IXVAC Show response www.heypasteit.com/clip/	5 KB 2 KB	508ms 376ms	Document text/html	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 077578536ba00d0bf706369fbe21fe3b11d0d42faffc750e7dd226cad40fa3cf Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux9d3RAQbs%2Fm1t4IoaWhv48nPjAGx8BejZJ4AXSFU2wpCSOHCbj3UPe48Py0BG0SPkTIYcLHfzRAkWkyg0L65tCvPUOMx%2FyiF8%2FV854728nE8OZWbUlHCHpjvDfPM4pUJuk25eqGP8ehY1aJced84%2BI%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6cc06a3bec6d665d-MAD content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	88hewgptcmUkoZ9bU8xH2kUZ6r0.js Show response www.heypasteit.com/cdn-cgi/apps/head/	5 KB 2 KB	527ms 526ms	Script application/javascript	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/clip/0IXVAC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 75JHX4PSFWYTBEQN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-version-id VBlfkY3nr.xYrEaOrumMVkq.iSycPoGC x-amz-id-2 hLWMlo0ySgh4YTWVy499DGF2km0YhtsqFJeHE5bDyQUS7dxORXA2HU9NTRr6o64QK3y9OVGbLb0= last-modified Mon, 24 Jul 2017 22:02:04 GMT server cloudflare etag W/"6fedca78a48b7a636689393f36466422" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsnVQG9h7HcdaseILCCWf%2Fju8D4n8R5iWkCy1gFxww6hPlgZknQO0kc80Xdtu7UCo1qAOLO9q6ahS%2BhTJ0JVpWnISl4eOp%2B81ebwqihgg0yNDBgciWy1eEYKT6niUgkvYc4vbeWEt4wOKl6nV1%2FPQ%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 6cc06a3e5d19665d-MAD
GET H2	200	style.css www.heypasteit.com/	2 KB 1 KB	286ms 285ms	Stylesheet text/css	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.heypasteit.com/style.css Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/clip/0IXVAC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2521 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 15 Sep 2021 14:03:34 GMT server cloudflare etag W/"6141fd36-9d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMHH%2B1XDb4zIfpeNxgnGLUAgLiq6DJVothVpb4kdTsqc9e6iucpWoNYGDfZrkgvvjJPEx%2FHt0nRDSftnHDdSpdg7M4QzyEYmeH8w2RJYFB6DFKPUxYUy7sHSrS%2F%2BGlryQzf%2Bwkujs4Z069zP3UVoJ3k%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=691200 cf-ray 6cc06a3e5d1c665d-MAD cf-bgj minify
GET H2	200	mootools.js Show response www.heypasteit.com/js/	5 KB 2 KB	277ms 277ms	Script text/html	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.heypasteit.com/js/mootools.js Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27adebdac23863391b37c7eebf1c17cf8001f1da8f1150a7e5d850a436ceae5f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/clip/0IXVAC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Jan 2022 19:05:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgyCx%2BTTU3tiFU4q6ZGPnxO%2Fmj1G2NuCRr63h8jt%2FNr8FmnCEdj1PGpBgE4x1QkIMhoP1n7SLSOM6GOvJrfWpd%2BDW0AhiVN7H%2BLBnPZ5oLw3RlS6wxSZqUkLY7cjpFg1c5E9i8cVivKdBT3V40lTJg0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=691200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6cc06a3e5d24665d-MAD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	hey-paste-it.png www.heypasteit.com/img/	4 KB 4 KB	91ms 91ms	Image image/png	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heypasteit.com/img/hey-paste-it.png Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/clip/0IXVAC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3616 cf-polished origSize=4800 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3649 last-modified Wed, 15 Sep 2021 14:03:34 GMT server cloudflare etag "6141fd36-12c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SgyBUWvxYHnSeDDmC%2FITCxbM%2FtKgc1ZYuHS5by38fAqybilpKev01p33Pm%2F4%2FYTIDgFcFRQuv4aO6TXXVSwLSB56GkPNa96M58zw1eouKIZpPVGQw3m%2B1oeXSTGGzjWA6K003qgwGgW5sI%2FnUZVOT0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=691200 accept-ranges bytes cf-ray 6cc06a401fe03634-MAN cf-bgj imgq:100,h2pri
GET H2	200	js Show response static.getclicky.com/	15 KB 6 KB	150ms 63ms	Script text/javascript	2606:4700::6810:dd1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.getclicky.com/js Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 06 Jan 2022 21:34:01 GMT server cloudflare age 423069 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 18 Jan 2022 19:05:10 GMT cache-control public, max-age=604800 cf-ray 6cc06a422b693753-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-proxy-cache HIT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 161 date Tue, 11 Jan 2022 19:02:29 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Tue, 11 Jan 2022 21:02:29 GMT
GET H2	200	pop.js Show response c1.popads.net/	30 KB 9 KB	68ms 12ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://c1.popads.net/pop.js Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2c1d923947d609eee480c2ab3d67e58e7ed8c9d329aaa6fda21b30cb14e44dbe Request headers Referer https://www.heypasteit.com/ Origin https://www.heypasteit.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-nzt AcO1rgXqcCj/Oz4IAA== x-accel-expires @1642424491 date Tue, 11 Jan 2022 19:05:10 GMT content-encoding br etag W/"60b8c713-78c7" last-modified Thu, 03 Jun 2021 12:12:03 GMT server CDN77-Turbo x-77-nzt-ray R5OsvChrmOI= x-77-cache HIT content-type application/javascript; charset=UTF-8 access-control-allow-origin * alt-svc quic="195.181.174.5:443"; ma=2592000; v="44,43,39" x-cache HIT x-age 540219 x-77-pop frankfurtDE
GET H3	200	text-bg.png www.heypasteit.com/img/	156 B 783 B	111ms 110ms	Image image/png	2606:4700:3034::ac43:bfa0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heypasteit.com/img/text-bg.png Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:bfa0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e860ef0f287819a0c0646c87dd5a30b0291fb89e89378dab946f93074db780c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3616 cf-polished origSize=174 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 156 last-modified Wed, 15 Sep 2021 14:03:34 GMT server cloudflare etag "6141fd36-ae" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjPwlELS6lICxdJU8kaOAgQ0gmydtFU09bWq2h56PS%2FT7UDm13DQMV9WnoCGmW3XvNNsmtYCJ4LoOPfk%2B1YKorfFQyuxec1B7RLmtul4JWhls3fz25cyO9babX%2BubMjW7CMRiKPnu3i6L3jdYEur8Zk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=691200 accept-ranges bytes cf-ray 6cc06a41beca3634-MAN cf-bgj imgq:100,h2pri
GET H3	200	__utm.gif ssl.google-analytics.com/r/	35 B 54 B	29ms 14ms	Image image/gif	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=464212892&utmhn=www.heypasteit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Clip%20%230IXVAC&utmhid=688256433&utmr=-&utmp=%2Fclip%2F0IXVAC&utmht=1641927910686&utmac=UA-843262-37&utmcc=__utma%3D189394482.1510913348.1641927911.1641927911.1641927911.1%3B%2B__utmz%3D189394482.1641927911.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2089603845&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: www.heypasteit.com URL: https://www.heypasteit.com/clip/0IXVAC Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 11 Jan 2022 19:05:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	138ms 48ms	Script text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c1.popads.net URL: https://c1.popads.net/pop.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:10 GMT content-encoding br cf-cache-status HIT server cloudflare age 3427578 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 6cc06a434b50374d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Fri, 11 Feb 2022 19:05:10 GMT
GET H2	200	/ 6.adsco.re/	0 112 B	127ms 45ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Origin https://www.heypasteit.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:11 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.heypasteit.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 6cc06a441c0f5a07-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/	0 465 B	106ms 30ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Origin https://www.heypasteit.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.heypasteit.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
POST H/1.1	200 OK	p Show response adsco.re/	0 427 B	90ms 30ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK lon124 Access-Control-Allow-Origin https://www.heypasteit.com Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	45 B 465 B	68ms 24ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 22a953d9b03b312f46099532c84cad014295397e037409faf76992da0bf0fc2b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.heypasteit.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	/ Show response 6.adsco.re/	69 B 463 B	109ms 44ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a579d0a7eeab12540789e636705a0dcf3a888a92725c6846665b51bab2fe248 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:11 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.heypasteit.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 6cc06a441c085a07-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H/1.1	200 OK	/ ereap0zxnp5s.l4.adsco.re/	0 464 B	79ms 18ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://ereap0zxnp5s.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ ereap0zxnp5s.n4.adsco.re/	0 464 B	601ms 86ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://ereap0zxnp5s.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ ereap0zxnp5s.s4.adsco.re/	0 464 B	1250ms 180ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://ereap0zxnp5s.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.heypasteit.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 11 Jan 2022 19:05:12 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H3	200	/ Show response c.adsco.re/ Frame AFCC	62 KB 22 KB	152ms 63ms	Document text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ Response headers date Tue, 11 Jan 2022 19:05:11 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Fri, 11 Feb 2022 19:05:11 GMT etag W/"2Ma3006J78KgzL0RD+7gUg==" cf-cache-status HIT age 3427579 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 6cc06a445ccd839d-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	in.php Show response in.getclicky.com/	256 B 491 B	450ms 147ms	Script text/javascript	198.145.13.11 DF-PTL01
General Check archive.org Show headers Download Go to Full URL https://in.getclicky.com/in.php?site_id=101001127&type=pageview&href=%2Fclip%2F0IXVAC&title=Clip%20%230IXVAC&res=1600x1200&lang=en&jsuid=703369399&mime=js&x=0.7147697450005228 Requested by Host: static.getclicky.com URL: https://static.getclicky.com/js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.145.13.11 Wilsonville, United States, ASN2044 (DF-PTL01, US), Reverse DNS getclicky.com Software nginx / Resource Hash d54784b1c3ab8d13735876e53a289c593dc75ac64d09a847bde7bd3199c3d709 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:11 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, must-revalidate, post-check=0, pre-check=0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET		/ 6.adsco.re/ Frame AFCC	0 0
GET H/1.1	200 OK	/ 4.adsco.re/ Frame AFCC	0 457 B	40ms 40ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 11 Jan 2022 19:05:11 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3	200	/ c.adsco.re/ Frame AFCC	25 KB 0	62ms 62ms	XHR text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:11 GMT content-encoding br cf-cache-status HIT server cloudflare age 3427579 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 6cc06a44de6f839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Fri, 11 Feb 2022 19:05:11 GMT
GET		/ 4.adsco.re/ Frame AFCC	0 0
POST H/1.1	200 OK	p Show response adsco.re/	363 B 872 B	62ms 61ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e539d326307522c83ba16013d4fded0179a0206cd4b2ecc7aa3abd9c3e82a814 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers AS-P-G OK Date Tue, 11 Jan 2022 19:05:11 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK lon124 Access-Control-Allow-Origin https://www.heypasteit.com Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H/1.1	200 OK	c Show response serve.popads.net/	44 B 277 B	172ms 120ms	Script text/javascript	216.21.13.10 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://serve.popads.net/c?_=BAoAYd3U5wFh3dTngAGBAsAAIKLPTsSU4EAPJLJMoTgc5LTCiYZTHJdPrTi8XVJyqx45wQBHMEUCIQDV0lIMFH65pEKc0X6JmE5i8YQhQNoRKnElY4tEd2sMhAIgIhVXWq-inokcPHhTNDl0e3TKbQOsfBfAvyGwkt2uSd3CACC62UnylqPHlsYhdH3y1nQpQ3MIwcFWU0SVBDt0Wc_disQAECABCsgAIDwAEBGpQkgR4eTFABDD8q-XFt21kpL8RngzwAdLwwBHMEUCICD2Zf0wf1Uqhaxe-tp7zfHrmGJR046pqKmyxbj_SyRDAiEA9Qy4fmzKruW521Xchcqi6AhyS2yEu3DW7PW4zKzN6lY&v=4&siteId=611396&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0 Requested by Host: c1.popads.net URL: https://c1.popads.net/pop.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 216.21.13.10 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.heypasteit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 19:05:11 GMT asf 9 access-control-allow-origin * content-type text/javascript;charset=UTF-8 popads-ec ASB Connection Keep-Alive Keep-Alive timeout=5, max=100 content-length 44

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| Eager object| CloudflareApps object| clicky_site_ids function| getclip object| _gaq object| _pop object| _gat object| gaGlobal object| detectZoom object| iframe object| where object| win boolean| punderminipop object| _pao object| clicky_obj object| clicky object| clicky_custom undefined| test object| _genericStats object| _genericStatsCustom object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt number| NO_PINGY_101001127

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.heypasteit.com/	1970-01-20 17:36:39	Name: __utma Value: 189394482.1510913348.1641927911.1641927911.1641927911.1
			.heypasteit.com/	1969-12-31 23:59:59	Name: __utmc Value: 189394482
			.heypasteit.com/	1970-01-20 04:28:15	Name: __utmz Value: 189394482.1641927911.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.heypasteit.com/	1970-01-20 00:05:28	Name: __utmt Value: 1
			.heypasteit.com/	1970-01-20 00:05:29	Name: __utmb Value: 189394482.1.10.1641927911
			www.heypasteit.com/	1970-01-20 00:05:53	Name: a Value: XSRTyLMa6gmM8gCHObEEn18cF1XaObJh
			.heypasteit.com/	1970-01-20 00:05:28	Name: _first_pageview Value: 1
			.heypasteit.com/	1970-01-20 08:51:03	Name: _jsuid Value: 703369399
			www.heypasteit.com/	1970-01-20 00:05:49	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYd3U5wFh3dTngAGBAsAAIKLPTsSU4EAPJLJMoTgc5LTCiYZTHJdPrTi8XVJyqx45wQBHMEUCIQDV0lIMFH65pEKc0X6JmE5i8YQhQNoRKnElY4tEd2sMhAIgIhVXWq-inokcPHhTNDl0e3TKbQOsfBfAvyGwkt2uSd3CACC62UnylqPHlsYhdH3y1nQpQ3MIwcFWU0SVBDt0Wc_disQAECABCsgAIDwAEBGpQkgR4eTFABDD8q-XFt21kpL8RngzwAdLwwBHMEUCICD2Zf0wf1Uqhaxe-tp7zfHrmGJR046pqKmyxbj_SyRDAiEA9Qy4fmzKruW521Xchcqi6AhyS2yEu3DW7PW4zKzN6lY
			in.getclicky.com/	1970-01-20 08:51:03	Name: cluid Value: 703369399
			.heypasteit.com/	1970-01-20 00:05:31	Name: no_tracky_101001127 Value: 1
			www.heypasteit.com/	1970-01-20 00:05:49	Name: _popprepop Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
ereap0zxnp5s.l4.adsco.re
ereap0zxnp5s.n4.adsco.re
ereap0zxnp5s.s4.adsco.re
in.getclicky.com
serve.popads.net
ssl.google-analytics.com
static.getclicky.com
www.heypasteit.com
4.adsco.re
6.adsco.re
162.252.214.5
185.200.116.90
185.200.118.90
198.145.13.11
216.21.13.10
2606:4700:3034::ac43:bfa0
2606:4700::6810:dd1d
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:828::2008
2a02:6ea0:c700::11
38.132.109.186
077578536ba00d0bf706369fbe21fe3b11d0d42faffc750e7dd226cad40fa3cf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a579d0a7eeab12540789e636705a0dcf3a888a92725c6846665b51bab2fe248
22a953d9b03b312f46099532c84cad014295397e037409faf76992da0bf0fc2b
27adebdac23863391b37c7eebf1c17cf8001f1da8f1150a7e5d850a436ceae5f
2c1d923947d609eee480c2ab3d67e58e7ed8c9d329aaa6fda21b30cb14e44dbe
6e860ef0f287819a0c0646c87dd5a30b0291fb89e89378dab946f93074db780c
734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
d54784b1c3ab8d13735876e53a289c593dc75ac64d09a847bde7bd3199c3d709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e539d326307522c83ba16013d4fded0179a0206cd4b2ecc7aa3abd9c3e82a814