urlscan.io logo urlscan.io
SecurityTrails logo

www.heypasteit.com Open in urlscan Pro
2606:4700:30::681c:705  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heypasteit.com/
Effective URL: https://www.heypasteit.com/
Submission: On March 14 via manual from CZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:30::681c:705, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.heypasteit.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 7th 2019. Valid for: 6 months.
This is the only time www.heypasteit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 7 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 195.181.174.9 60068 (CDN77)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 198.145.13.14 2044 (IINET-2044)
3 162.252.214.5 53334 (TUT-AS)
1 162.252.214.4 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 216.21.13.11 53334 (TUT-AS)
23 12
2    2606:4700:30::681c:605 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
heypasteit.com
www.heypasteit.com
7    2606:4700:30::681c:705 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
heypasteit.com
www.heypasteit.com
1    2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.getclicky.com
2    2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
1    195.181.174.9 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: frankfurt-1.cdn77.com
c1.popads.net
4    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.adsco.re
6.adsco.re
1    198.145.13.14 (Wilsonville, United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com
in.getclicky.com
3    162.252.214.5 (None, )

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
adsco.re
w.adsco.re
1    162.252.214.4 (None, )

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
162.252.214.4
1    185.200.118.90 (None, )

ASN9009 (M247, GB)
PTR: adscore.com
lhb2fgotflbd.l.adsco.re
1    38.132.109.186 (United States)

ASN9009 (M247, GB)
lhb2fgotflbd.n.adsco.re
1    185.200.116.90 (None, )

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
lhb2fgotflbd.s.adsco.re
1    216.21.13.11 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
serve.popads.net
Domain Requested by
7 www.heypasteit.com 1 redirects www.heypasteit.com
2 w.adsco.re c.adsco.re
2 6.adsco.re c.adsco.re
2 c.adsco.re c1.popads.net
c.adsco.re
2 ssl.google-analytics.com www.heypasteit.com
2 heypasteit.com 2 redirects
1 serve.popads.net c1.popads.net
1 lhb2fgotflbd.s.adsco.re c.adsco.re
1 lhb2fgotflbd.n.adsco.re c.adsco.re
1 lhb2fgotflbd.l.adsco.re c.adsco.re
1 adsco.re c.adsco.re
1 in.getclicky.com static.getclicky.com
1 c1.popads.net www.heypasteit.com
1 static.getclicky.com www.heypasteit.com
23 14

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.twitter.com
Subject Issuer Validity Valid
sni67056.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-07 -
2019-09-13		 6 months crt.sh
ssl468981.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-21 -
2019-07-30		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
1355769017.rsc.cdn77.org
Let's Encrypt Authority X3		 2019-02-05 -
2019-05-06		 3 months crt.sh
*.adsco.re
COMODO RSA Organization Validation Secure Server CA		 2017-09-26 -
2020-09-25		 3 years crt.sh
*.getclicky.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-29 -
2020-10-15		 2 years crt.sh
162.252.214.4
Sectigo RSA Organization Validation Secure Server CA		 2019-03-04 -
2021-03-03		 2 years crt.sh
*.l.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-14 -
2020-07-13		 2 years crt.sh
*.n.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.s.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.popads.net
COMODO RSA Domain Validation Secure Server CA		 2018-06-18 -
2020-06-17		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.heypasteit.com/
Frame ID: 56055B3D579E067481F82C5D1EBCFA19
Requests: 22 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 86DEA69BC79F2CFC08E3A66BF39244E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heypasteit.com/ HTTP 301
    https://heypasteit.com/ HTTP 301
    http://www.heypasteit.com/ HTTP 301
    https://www.heypasteit.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i
  • env /^MooTools$/i
Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i
  • env /^clicky$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

23
Requests

100 %
HTTPS

38 %
IPv6

5
Domains

14
Subdomains

12
IPs

4
Countries

62 kB
Transfer

161 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heypasteit.com/ HTTP 301
    https://heypasteit.com/ HTTP 301
    http://www.heypasteit.com/ HTTP 301
    https://www.heypasteit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heypasteit.com/
Redirect Chain
  • http://heypasteit.com/
  • https://heypasteit.com/
  • http://www.heypasteit.com/
  • https://www.heypasteit.com/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
2d2baf5b494b514af3fddb6ea180d916bb1dd7417ff9391baa0dbcc4084643f6

Request headers

:method
GET
:authority
www.heypasteit.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 14 Mar 2019 18:16:49 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b783daeddf3979e-FRA
content-encoding
br

Redirect headers

Date
Thu, 14 Mar 2019 18:16:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 14 Mar 2019 19:16:49 GMT
Location
https://www.heypasteit.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4b783daebf0d236c-FRA
88hewgptcmUkoZ9bU8xH2kUZ6r0.js
www.heypasteit.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d

Request headers

:path
/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js
pragma
no-cache
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.heypasteit.com
referer
https://www.heypasteit.com/
:scheme
https
:method
GET
Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
7197C0DAEA916389
status
200
x-amz-version-id
VBlfkY3nr.xYrEaOrumMVkq.iSycPoGC
x-amz-id-2
DWDsBf9SK+widjnNwFNM0F0z3NOfTSYx2CFt21eX5mIbpK1a03Pn+qBrk+4peWZx32VQnTCHb7o=
last-modified
Mon, 24 Jul 2017 22:02:04 GMT
server
cloudflare
etag
W/"6fedca78a48b7a636689393f36466422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
4b783db13a4b979e-FRA
expires
Fri, 13 Mar 2020 18:16:50 GMT
style.css
www.heypasteit.com/ 		2 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heypasteit.com/style.css
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a

Request headers

:path
/style.css
pragma
no-cache
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.heypasteit.com
referer
https://www.heypasteit.com/
:scheme
https
:method
GET
Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2013 22:37:46 GMT
server
cloudflare
etag
W/"512e8aba-9d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=691200
cf-polished
origSize=2521
cf-bgj
minify
cf-ray
4b783db13a4a979e-FRA
expires
Fri, 22 Mar 2019 18:16:50 GMT
mootools.js
www.heypasteit.com/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heypasteit.com/js/mootools.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7186dbee771a0c5ee65b9ac500a7918e1805ad0459bfa516131e2e039b1b65d3

Request headers

:path
/js/mootools.js
pragma
no-cache
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.heypasteit.com
referer
https://www.heypasteit.com/
:scheme
https
:method
GET
Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2013 22:37:46 GMT
server
cloudflare
etag
W/"512e8aba-5afd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=691200
cf-polished
origSize=23293
cf-bgj
minify
cf-ray
4b783db13a4c979e-FRA
expires
Fri, 22 Mar 2019 18:16:50 GMT
hey-paste-it.png
www.heypasteit.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heypasteit.com/img/hey-paste-it.png
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5

Request headers

:path
/img/hey-paste-it.png
pragma
no-cache
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.heypasteit.com
referer
https://www.heypasteit.com/
:scheme
https
:method
GET
Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
cf-cache-status
HIT
cf-polished
origSize=4800
status
200
last-modified
Wed, 27 Feb 2013 22:37:46 GMT
content-length
3649
cf-bgj
imgq:100
server
cloudflare
etag
"512e8aba-12c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
4b783db13a4d979e-FRA
expires
Fri, 22 Mar 2019 18:16:50 GMT
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/cdn-cgi/apps/head/88hewgptcmUkoZ9bU8xH2kUZ6r0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=604800
cf-ray
4b783db1bbd397a4-FRA
x-proxy-cache
HIT
expires
Thu, 21 Mar 2019 18:16:50 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3619
date
Thu, 14 Mar 2019 17:16:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Thu, 14 Mar 2019 19:16:31 GMT
pop.js
c1.popads.net/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.popads.net/pop.js
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.9 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
da9cd8cc3915975904df4521782ad4a9def5afbd81af16b964043101b5b0e222

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
last-modified
Sat, 02 Mar 2019 08:44:46 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5c7a427e-78b8"
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.174.1
x-age
5419
text-bg.png
www.heypasteit.com/img/ 		133 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heypasteit.com/img/text-bg.png
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9a24c73d65b43475c9b18dcf762bfac00d39ca147ab7ede38b9a9ba41d7068

Request headers

:path
/img/text-bg.png
pragma
no-cache
cookie
__cfduid=d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.heypasteit.com
referer
https://www.heypasteit.com/style.css
:scheme
https
:method
GET
Referer
https://www.heypasteit.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
cf-cache-status
HIT
cf-polished
origSize=174
status
200
last-modified
Wed, 27 Feb 2013 22:37:46 GMT
content-length
133
cf-bgj
imgq:100
server
cloudflare
etag
"512e8aba-ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
4b783db18ac8979e-FRA
expires
Fri, 22 Mar 2019 18:16:50 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=11424538&utmhn=www.heypasteit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Copy-Paste%20online&utmhid=1148433550&utmr=-&utmp=%2F&utmht=1552587410272&utmac=UA-843262-37&utmcc=__utma%3D189394482.1987776399.1552587410.1552587410.1552587410.1%3B%2B__utmz%3D189394482.1552587410.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1208317166&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.heypasteit.com
URL: https://www.heypasteit.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2019 18:16:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.adsco.re/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eac9314e4137faba1925e09a28740d714945d66888a47d6fb73eb33e645fd09

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"4B16OAuZQIord+EpEvRu2A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
max-age=10800,public,immutable,no-transform
cf-ray
4b783db368f99720-FRA
link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires
Mon, 11 Mar 2019 22:46:31 GMT
in.php
in.getclicky.com/ 		154 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101001127&type=pageview&href=%2F&title=Copy-Paste%20online&res=1600x1200&lang=en&jsuid=1590650783&mime=js&x=0.3775036629376276
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.14 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
0158294f304bc9880ee8ee86f6d87a4a8285ba88f6fd04b83847b78c602ac5f3

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
6.adsco.re/ 		0
192 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Purpose
prefetch
Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
status
200
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
4b783db3a9589720-FRA
t
adsco.re/ 		67 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/t
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:50 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.heypasteit.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
t
162.252.214.4/ 		67 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://162.252.214.4/t
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.4 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:50 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.heypasteit.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
t
w.adsco.re/ 		67 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.adsco.re/t
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:50 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.heypasteit.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
/
6.adsco.re/ 		56 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fe684ad7e0f8df84e8e8182c7392a4e1c3b53d8fdbba5bbca5972464bf110a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

date
Thu, 14 Mar 2019 18:16:50 GMT
content-encoding
br
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.heypasteit.com
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
4b783db63f1b97e0-FRA
/
lhb2fgotflbd.l.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lhb2fgotflbd.l.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 -, , ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:50 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
lhb2fgotflbd.n.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lhb2fgotflbd.n.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 , United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:51 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
lhb2fgotflbd.s.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lhb2fgotflbd.s.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 -, , ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:51 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 86DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.heypasteit.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/

Response headers

status
200
date
Thu, 14 Mar 2019 18:16:50 GMT
content-type
text/html
cache-control
max-age=10800,public,immutable,no-transform
link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires
Mon, 11 Mar 2019 22:46:31 GMT
etag
W/"4B16OAuZQIord+EpEvRu2A=="
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4b783db5ed279720-FRA
content-encoding
br
p
w.adsco.re/ 		208 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
541cf0f32214c6bc44c4168f9c1d13ba3081b21328bd754c585f0af640e7996e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.heypasteit.com/
Origin
https://www.heypasteit.com

Response headers

Date
Thu, 14 Mar 2019 18:16:51 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.heypasteit.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
c
serve.popads.net/ 		44 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve.popads.net/c?_=BAgAXIqakwFcipqTgAGBAcAAIF0GSOoeietCzWmxnDEET4Go5Z2sZNLHNFrk6Rhb07KrwQAgsylnq_6IrY6TNs7Ks8LWBABuhrejX_E8MfIt8gSlNRHCACB5mo3D_wmBDi8FPOjFTkjlEc17QF0M0AOYIm9ABecoisMAIDBKw0zLQFl1rnUH-WugVSgD1cmYcPy1SJ4dWESYjJNE&v=4&siteId=611396&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.11 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer
https://www.heypasteit.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Mar 2019 18:16:51 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
44
Content-Type
text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| Eager object| CloudflareApps object| clicky_site_ids object| MooTools function| $defined function| $type function| $merge function| $extend function| $native function| $chk function| $pick function| $random function| $time function| $clear function| Abstract function| Class function| Chain function| Events function| Options function| $A function| $each function| Elements function| $ function| $$ object| Garbage function| XHR function| Ajax function| extend boolean| xpath boolean| webkit420 boolean| webkit boolean| khtml function| addListener function| removeListener function| paste function| completed function| doFocus function| doBlur function| calcLen function| getclip object| _gaq string| _gaid object| _pop object| _gat object| gaGlobal object| clicky_obj object| clicky object| clicky_custom object| _genericStats object| _genericStatsCustom object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao function| AdscoreInit number| a function| ed number| t number| newTime number| r number| g number| b string| bt

6 Cookies

Domain/Path Name / Value
.heypasteit.com/ Name: __utmz
Value: 189394482.1552587410.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.heypasteit.com/ Name: __utmc
Value: 189394482
.heypasteit.com/ Name: __cfduid
Value: d02f91fdeaa55ef227d08ef6d4983e9fb1552587409
.heypasteit.com/ Name: __utmt
Value: 1
.heypasteit.com/ Name: __utmb
Value: 189394482.1.10.1552587410
.heypasteit.com/ Name: __utma
Value: 189394482.1987776399.1552587410.1552587410.1552587410.1

1 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 13)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
heypasteit.com
in.getclicky.com
lhb2fgotflbd.l.adsco.re
lhb2fgotflbd.n.adsco.re
lhb2fgotflbd.s.adsco.re
serve.popads.net
ssl.google-analytics.com
static.getclicky.com
w.adsco.re
www.heypasteit.com
162.252.214.4
162.252.214.5
185.200.116.90
185.200.118.90
195.181.174.9
198.145.13.14
216.21.13.11
2606:4700:30::681c:605
2606:4700:30::681c:705
2606:4700::6810:a010
2606:4700::6811:a7ba
2a00:1450:4001:820::2008
38.132.109.186
0158294f304bc9880ee8ee86f6d87a4a8285ba88f6fd04b83847b78c602ac5f3
09fe684ad7e0f8df84e8e8182c7392a4e1c3b53d8fdbba5bbca5972464bf110a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2d2baf5b494b514af3fddb6ea180d916bb1dd7417ff9391baa0dbcc4084643f6
541cf0f32214c6bc44c4168f9c1d13ba3081b21328bd754c585f0af640e7996e
7186dbee771a0c5ee65b9ac500a7918e1805ad0459bfa516131e2e039b1b65d3
734e1e5de690f6c532be30c6f24274221eb4d9281a14db435b791cd2a879ded5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cf0323b5a6c93a3abb8a645166eee16a6367a278a12ca26665fee4db045d14d
8eac9314e4137faba1925e09a28740d714945d66888a47d6fb73eb33e645fd09
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f9a24c73d65b43475c9b18dcf762bfac00d39ca147ab7ede38b9a9ba41d7068
ae95a0e0c5418507e55778f9d0d5de5354304b0745e34b532639a31e0e4cc49a
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67
da9cd8cc3915975904df4521782ad4a9def5afbd81af16b964043101b5b0e222
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b