URL: https://www.heypasteit.com/clip/0IUXQ3
Submission: On August 11 via api from US

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::ac43:8041, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heypasteit.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time www.heypasteit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 195.181.175.46 60068 (CDN77)
1 198.145.13.14 2044 (IINET-2044)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 162.252.214.5 53334 (TUT-AS)
1 216.21.13.10 53334 (TUT-AS)
22 9
Domain Requested by
6 www.heypasteit.com www.heypasteit.com
3 adsco.re c.adsco.re
2 6.adsco.re c.adsco.re
2 c.adsco.re c1.popads.net
c.adsco.re
2 ssl.google-analytics.com www.heypasteit.com
1 serve.popads.net c1.popads.net
1 in.getclicky.com static.getclicky.com
1 c1.popads.net www.heypasteit.com
1 static.getclicky.com www.heypasteit.com
0 4fnkhocziu9o.s.adsco.re Failed c.adsco.re
0 4fnkhocziu9o.n.adsco.re Failed c.adsco.re
0 4fnkhocziu9o.l.adsco.re Failed c.adsco.re
22 12

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-22 -
2021-07-22
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
1355769017.rsc.cdn77.org
Let's Encrypt Authority X3
2020-08-10 -
2020-11-08
3 months crt.sh
*.getclicky.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-03 -
2022-08-03
2 years crt.sh
*.adsco.re
COMODO RSA Organization Validation Secure Server CA
2017-09-26 -
2020-09-25
3 years crt.sh
*.popads.net
Sectigo RSA Domain Validation Secure Server CA
2019-10-29 -
2021-10-29
2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.heypasteit.com/clip/0IUXQ3
Frame ID: 02E1584CA6C3C2531DB8669F5639D22C
Requests: 21 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 74C264C0A106E5D34ABF40DCAC5AD248
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

22
Requests

86 %
HTTPS

50 %
IPv6

5
Domains

12
Subdomains

9
IPs

2
Countries

64 kB
Transfer

164 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0IUXQ3
www.heypasteit.com/clip/
5 KB
2 KB
Document
General
Full URL
https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b7b77df992b4589bd084122fdacb21f81333019e99f3dd7fb5def0995f6c286

Request headers

:method
GET
:authority
www.heypasteit.com
:scheme
https
:path
/clip/0IUXQ3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 11 Aug 2020 19:42:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5a10ae8f20be68fa9e87d875f1db8fce1597174956; expires=Thu, 10-Sep-20 19:42:36 GMT; path=/; domain=.heypasteit.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0480a4da350000dfd3e700a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c1470d6b96bdfd3-FRA
content-encoding
br
88hewgptcmUkoZ9bU8xH2kUZ6r0.js
www.heypasteit.com/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
cf-cache-status
HIT
age
1665405
status
200
x-amz-request-id
D14EFCBF02097F64
x-amz-id-2
0BRfgWc7nTxcE2oe6Uzq1QYsep/ePCFLYNd6aMyPs2tW38UirjeIgyp1uX+nA+v1HpAqF+I2Yz0=
last-modified
Mon, 24 Jul 2017 22:02:04 GMT
server
cloudflare
etag
W/"6fedca78a48b7a636689393f36466422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
VBlfkY3nr.xYrEaOrumMVkq.iSycPoGC
cf-request-id
0480a4dbf20000dfd3e701b200000001
cf-ray
5c1470d98fd5dfd3-FRA
style.css
www.heypasteit.com/
2 KB
787 B
Stylesheet
General
Full URL
https://www.heypasteit.com/style.css
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Sep 2019 05:34:22 GMT
server
cloudflare
etag
W/"5d7b2a5e-9d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=691200
cf-polished
origSize=2521
cf-ray
5c1470d98fd4dfd3-FRA
cf-request-id
0480a4dbf20000dfd3e701a200000001
cf-bgj
minify
mootools.js
www.heypasteit.com/js/
22 KB
7 KB
Script
General
Full URL
https://www.heypasteit.com/js/mootools.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7186dbee771a0c5ee65b9ac500a7918e1805ad0459bfa516131e2e039b1b65d3

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Sep 2019 05:34:22 GMT
server
cloudflare
etag
W/"5d7b2a5e-5afd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=691200
cf-polished
origSize=23293
cf-ray
5c1470d98fd7dfd3-FRA
cf-request-id
0480a4dbf20000dfd3e701c200000001
cf-bgj
minify
hey-paste-it.png
www.heypasteit.com/img/
4 KB
4 KB
Image
General
Full URL
https://www.heypasteit.com/img/hey-paste-it.png
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
cf-cache-status
REVALIDATED
cf-polished
origSize=4800
status
200
content-length
3649
cf-request-id
0480a4dcb70000dfd3e7027200000001
last-modified
Fri, 13 Sep 2019 05:34:22 GMT
server
cloudflare
etag
"5d7b2a5e-12c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5c1470daba8fdfd3-FRA
cf-bgj
imgq:100,h2pri
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
220577
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
expires
Tue, 18 Aug 2020 19:42:37 GMT
cache-control
public, max-age=604800
cf-ray
5c1470dafca8dfa5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0480a4dcd80000dfa553262200000001
x-proxy-cache
HIT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5093
date
Tue, 11 Aug 2020 18:17:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 11 Aug 2020 20:17:44 GMT
pop.js
c1.popads.net/
31 KB
9 KB
Script
General
Full URL
https://c1.popads.net/pop.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a6f6f915735dc972ccf1173136f278e4e7dd53505fd99d94a4292676dc7bfa35

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heypasteit.com/clip/0IUXQ3
Origin
https://www.heypasteit.com

Response headers

x-77-nzt
AcO1rywaE+79dBkAAA==
date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
last-modified
Mon, 04 May 2020 18:26:17 GMT
server
CDN77-Turbo
x-edge-pop
frankfurtDE
etag
W/"5eb05e49-7a55"
status
200
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-edge-ip
195.181.175.44
x-age
6516
alt-svc
quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
text-bg.png
www.heypasteit.com/img/
133 B
252 B
Image
General
Full URL
https://www.heypasteit.com/img/text-bg.png
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9a24c73d65b43475c9b18dcf762bfac00d39ca147ab7ede38b9a9ba41d7068

Request headers

Referer
https://www.heypasteit.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
cf-cache-status
REVALIDATED
cf-polished
origSize=174
status
200
content-length
133
cf-request-id
0480a4dccd0000dfd3e7029200000001
last-modified
Fri, 13 Sep 2019 05:34:22 GMT
server
cloudflare
etag
"5d7b2a5e-ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5c1470daeadadfd3-FRA
cf-bgj
imgq:100
__utm.gif
ssl.google-analytics.com/r/
35 B
196 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=657506302&utmhn=www.heypasteit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Clip%20%230IUXQ3&utmhid=1856770312&utmr=-&utmp=%2Fclip%2F0IUXQ3&utmht=1597174957295&utmac=UA-843262-37&utmcc=__utma%3D189394482.2032074615.1597174957.1597174957.1597174957.1%3B%2B__utmz%3D189394482.1597174957.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=917543004&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/clip/0IUXQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Aug 2020 19:42:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
in.php
in.getclicky.com/
257 B
493 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101001127&type=pageview&href=%2Fclip%2F0IUXQ3&title=Clip%20%230IUXQ3&res=1600x1200&lang=en&jsuid=2963124519&mime=js&x=0.28020092532016583
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.14 , United States, ASN2044 (IINET-2044, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
9bf7942cc1471e31ea29fdadfaa1b669d237dd8ea401e6f1b02c108e822695c0

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:38 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
c.adsco.re/
35 KB
13 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
563592
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0480a4de0e00000609cd29f200000001
server
cloudflare
etag
W/"SJc1ouqxjhvv0sBICfL/bg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=43200,public,immutable,no-transform
cf-ray
5c1470dce8e00609-FRA
link
<//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires
Wed, 05 Aug 2020 19:09:25 GMT
p
adsco.re/
0
323 B
Other
General
Full URL
https://adsco.re/p
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:42:38 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
6.adsco.re/
0
266 B
Other
General
Full URL
https://6.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
5c1470ddbbd30609-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0480a4de8f00000609cd2ac200000001
p
adsco.re/
0
420 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Aug 2020 19:42:37 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
https://www.heypasteit.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
6.adsco.re/
53 B
480 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:42:37 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.heypasteit.com
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
5c1470dd3c7c63a1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0480a4de42000063a1b300d200000001
/
4fnkhocziu9o.l.adsco.re/
0
0

/
4fnkhocziu9o.n.adsco.re/
0
0

/
4fnkhocziu9o.s.adsco.re/
0
0

/
c.adsco.re/ Frame 74C2
0
0
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heypasteit.com/clip/0IUXQ3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heypasteit.com/clip/0IUXQ3

Response headers

status
200
date
Tue, 11 Aug 2020 19:42:37 GMT
content-type
text/html
cache-control
max-age=43200,public,immutable,no-transform
link
<//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires
Wed, 05 Aug 2020 19:09:25 GMT
etag
W/"SJc1ouqxjhvv0sBICfL/bg=="
content-encoding
gzip
cf-cache-status
HIT
age
563592
cf-request-id
0480a4de8e00000609cd2ab200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c1470ddbbcc0609-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p
adsco.re/
363 B
849 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e1b65343287dad4695c16a0698abbb3122d8653f2d8ccc5244d1c73dfe408aa1

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 11 Aug 2020 19:42:38 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://www.heypasteit.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
c
serve.popads.net/
0
272 B
Script
General
Full URL
https://serve.popads.net/c?_=BAoAXzL0rgFfMvSugAGBAsAAINeZvihnJbN221884m-pZ5DAcnzGzIHqSEQi63Q7Mh-YwQBHMEUCIB7_qbhQxvEpiYHusErKyWvnOJ5CwkH4qATtDsws9PqIAiEA5m7YRHWEjYQumLp1mswE5OcXc37rZ9HY3gyaeHKbTxHCACACZssxbjw7Upixz3YMku8ZtEqRXgyVrxkpAAs4goirFsQAECoBBPgBklQUAAAAAAAAAALFABCXvmgPzqCqeKddR_goTYSQwwBHMEUCICc-LTdYGVHz8p_h2Xa0ZKToSPPbFLLlBQhc1FgHNjkXAiEAheG1SJTXaSxQDG2p4eQoYPuehgAaiHDrAAXSnTYTvWc&v=4&siteId=611396&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.10 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heypasteit.com/clip/0IUXQ3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:42:38 GMT
ASF
9
Access-Control-Allow-Origin
*
Content-Type
application/javascript
PopAds-EC
ASB
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Content-Length
0
Expires
Tue, 18 Aug 2020 19:42:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
4fnkhocziu9o.l.adsco.re
URL
https://4fnkhocziu9o.l.adsco.re/
Domain
4fnkhocziu9o.n.adsco.re
URL
https://4fnkhocziu9o.n.adsco.re/
Domain
4fnkhocziu9o.s.adsco.re
URL
https://4fnkhocziu9o.s.adsco.re/

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Eager object| CloudflareApps object| clicky_site_ids object| MooTools function| $defined function| $type function| $merge function| $extend function| $native function| $chk function| $pick function| $random function| $time function| $clear function| Abstract function| Class function| Chain function| Events function| Options function| $A function| $each function| Elements function| $ function| $$ object| Garbage function| XHR function| Ajax function| extend boolean| xpath boolean| webkit420 boolean| webkit boolean| khtml function| addListener function| removeListener function| getclip object| _gaq object| _pop object| _gat object| gaGlobal object| clicky_obj object| clicky object| clicky_custom object| _genericStats object| _genericStatsCustom object| detectZoom object| AdservingModule object| iframe object| where object| win object| _pao function| AdscoreInit number| a function| ed number| t number| r number| g number| b string| bt number| NO_PINGY_101001127

6 Cookies

Domain/Path Name / Value
.heypasteit.com/ Name: __utmz
Value: 189394482.1597174957.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.heypasteit.com/ Name: __utmc
Value: 189394482
.heypasteit.com/ Name: __cfduid
Value: d5a10ae8f20be68fa9e87d875f1db8fce1597174956
.heypasteit.com/ Name: __utmt
Value: 1
.heypasteit.com/ Name: __utmb
Value: 189394482.1.10.1597174957
.heypasteit.com/ Name: __utma
Value: 189394482.2032074615.1597174957.1597174957.1597174957.1

1 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 16)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4fnkhocziu9o.l.adsco.re
4fnkhocziu9o.n.adsco.re
4fnkhocziu9o.s.adsco.re
6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
in.getclicky.com
serve.popads.net
ssl.google-analytics.com
static.getclicky.com
www.heypasteit.com
4fnkhocziu9o.l.adsco.re
4fnkhocziu9o.n.adsco.re
4fnkhocziu9o.s.adsco.re
162.252.214.5
195.181.175.46
198.145.13.14
216.21.13.10
2606:4700:3037::ac43:8041
2606:4700::6810:a010
2606:4700::6811:a7ba
2a00:1450:4001:816::2008
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376
4b7b77df992b4589bd084122fdacb21f81333019e99f3dd7fb5def0995f6c286
7186dbee771a0c5ee65b9ac500a7918e1805ad0459bfa516131e2e039b1b65d3
734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d
9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9
9bf7942cc1471e31ea29fdadfaa1b669d237dd8ea401e6f1b02c108e822695c0
9f9a24c73d65b43475c9b18dcf762bfac00d39ca147ab7ede38b9a9ba41d7068
a6f6f915735dc972ccf1173136f278e4e7dd53505fd99d94a4292676dc7bfa35
ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a
e1b65343287dad4695c16a0698abbb3122d8653f2d8ccc5244d1c73dfe408aa1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855