URL: https://pastead.com/?promote=3944
Submission: On November 09 via manual from BR — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 15 domains to perform 19 HTTP transactions. The main IP is 162.0.208.108, located in Lebanon, United States and belongs to NAMECHEAP-NET, US. The main domain is pastead.com.
TLS certificate: Issued by R11 on September 27th 2024. Valid for: 3 months.
This is the only time pastead.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 162.0.208.108 22612 (NAMECHEAP...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:27c... 16509 (AMAZON-02)
1 2606:2800:21f... 15133 (EDGECAST)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.249.168.129 26548 (PUREVOLTA...)
1 193.38.54.114 44477 (STARK-IND...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 52.24.101.161 16509 (AMAZON-02)
1 2600:9000:27c... 16509 (AMAZON-02)
19 11
Apex Domain
Subdomains
Transfer
3 pastead.com
pastead.com
6 KB
2 zerads.com
zerads.com — Cisco Umbrella Rank: 985713
2 snipboard.io
snipboard.io — Cisco Umbrella Rank: 425860
i.snipboard.io — Cisco Umbrella Rank: 550742
52 KB
2 teletype.in
img3.teletype.in
img4.teletype.in
512 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512
45 KB
1 crypto-motorsports.com
crypto-motorsports.com
449 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 17317
612 KB
1 licdn.com
media-exp1.licdn.com — Cisco Umbrella Rank: 70123
83 KB
1 brave.com
imgs.search.brave.com — Cisco Umbrella Rank: 27383
16 KB
1 grab.tc
grab.tc
226 KB
1 steemitimages.com
steemitimages.com — Cisco Umbrella Rank: 159852
127 KB
0 waaap.net Failed
waaap.net Failed
0 advprofit.ru Failed
advprofit.ru Failed
0 dutchycorp.space Failed
dutchycorp.space Failed
0 clickbank.net Failed
orders.clickbank.net Failed
19 15
Domain Requested by
3 pastead.com pastead.com
2 zerads.com pastead.com
1 i.snipboard.io pastead.com
1 snipboard.io 1 redirects
1 blogger.googleusercontent.com pastead.com
1 img4.teletype.in pastead.com
1 crypto-motorsports.com pastead.com
1 i.postimg.cc pastead.com
1 img3.teletype.in pastead.com
1 media-exp1.licdn.com pastead.com
1 imgs.search.brave.com pastead.com
1 grab.tc pastead.com
1 steemitimages.com pastead.com
0 waaap.net Failed pastead.com
0 advprofit.ru Failed pastead.com
0 dutchycorp.space Failed pastead.com
0 orders.clickbank.net Failed pastead.com
19 17

This site contains links to these domains.

Domain
zerads.com
Subject | Issuer | Validity | Valid
pastead.com | R11 | 2024-09-27 - 2024-12-26 | 3 months
steemitimages.com | E6 | 2024-10-24 - 2025-01-22 | 3 months
grab.tc | WE1 | 2024-10-31 - 2025-01-29 | 3 months
img.search.brave.com | Amazon RSA 2048 M02 | 2024-01-01 - 2025-01-29 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2024-07-10 - 2025-07-09 | a year
teletype.in | WE1 | 2024-10-12 - 2025-01-10 | 3 months
postimg.cc | E5 | 2024-10-20 - 2025-01-18 | 3 months
crypto-motorsports.com | R10 | 2024-10-19 - 2025-01-17 | 3 months
*.googleusercontent.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.zerads.com | R10 | 2024-09-18 - 2024-12-17 | 3 months

This page contains 3 frames:

Primary Page: https://pastead.com/?promote=3944
Frame ID: 4E32AAE245E90EBB992D02B6A7763C81
Requests: 17 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=728&ref=394
Frame ID: 98D75B9E052F106958A7CBCC1B21B773
Requests: 1 HTTP requests in this frame

Frame: https://zerads.com/ad/pop.php?ref=394
Frame ID: EB4BA93CEF718519336B8AD2EB84A0B2
Requests: 1 HTTP requests in this frame

Page Title

PasteAd.com - Anonymous Free Advertising Board

Page Statistics

19 Requests
74 % HTTPS
64 % IPv6
15 Domains
17 Subdomains
11 IPs
2 Countries
2128 kB Transfer
2139 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://bit.ly/KetoDietPlan-2022 HTTP 301
  • https://4da7civfe5-9kdxxn33c3x9l1i.hop.clickbank.net/ HTTP 307
  • https://orders.clickbank.net/hop-error?errCode=afblacklisted&destinationUrl=https%3A%2F%2Fyourcustomplan.com%3FhopId%3Dd75ba971-cf17-44bf-8ea9-be0f4f7a5ec7
Request Chain 13
  • https://snipboard.io/bRa4q8.jpg HTTP 302
  • https://i.snipboard.io/bRa4q8.jpg

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pastead.com/
21 KB
5 KB
Document
General
Full URL
https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.208.108 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-2974.zerads.com
Software
Apache /
Resource Hash
621d0f241c498d8b2234b6aa956471059887af5f4383bca002c4d3f1dc5ff1ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4837
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Nov 2024 01:10:57 GMT
Keep-Alive
timeout=5, max=50
Server
Apache
Vary
Accept-Encoding,User-Agent
style.css
pastead.com/
2 KB
969 B
Stylesheet
General
Full URL
https://pastead.com/style.css
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.208.108 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-2974.zerads.com
Software
Apache /
Resource Hash
a0e10c08a652773a479fd705f05e6e94e25aa4395e8165e64a74e880f0b6870f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/?promote=3944

Response headers

Content-Encoding
gzip
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
671
Keep-Alive
timeout=5, max=49
Date
Sat, 09 Nov 2024 01:10:58 GMT
Last-Modified
Sat, 23 Jul 2022 19:58:53 GMT
Vary
Accept-Encoding,User-Agent
Server
Apache
Content-Type
text/css
2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE
steemitimages.com/p/
126 KB
127 KB
Image
General
Full URL
https://steemitimages.com/p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=1280
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb53a33b09d8e7db16c167782532e4695312185d1c6957963407ef1222d42138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

x-request-id
Root=1-672eb6a2-7f48d5430798d46a2e978f4e
cache-control
public,max-age=29030400,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anggJuVVAfF2H4QA352jcFkjx97ZYLEcVCJc7zOR52oRxp9Ug7m2qsCC6TYBckzjbxIhyw3EqiCfjqmbEqgW10UDqKCtHluJdLhKycDtozTTtcR5sp%2B7B5jUhsKdRC6RfQgCxEALlOt49%2F26CM6a%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df9ed15086bc327-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10901&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4105&recv_bytes=4561&delivery_rate=661&cwnd=12000&unsent_bytes=0&cid=679bc78da97584a7&ts=202&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 01:10:58 GMT
content-type
image/jpeg
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Sat, 09 Nov 2024 01:10:58 GMT
priority
u=2,i
728.gif
grab.tc/promo/
225 KB
226 KB
Image
General
Full URL
https://grab.tc/promo/728.gif
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fa4a7a2e373cfdbe38f28682ddb080b66de440d678ac8e7f264bb49a87abbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

cf-cache-status
HIT
etag
"38317-5ed6aa2a-1f92e30;;;"
age
40197
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYVCNN67jbMQY0Lu37WboXz8roqjmBf56LgY9kGTWGocSwoOXfoxL5%2Fa1JY6cJlsDP3CG%2FTkTt6O2iKmZL9r7HqOXZVYE1%2ByUsQ9MGBJ%2BONqaf%2FYv2h6dzbiFwAS%2B3BeDnsWHK%2FN"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 14:01:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9137&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4186&recv_bytes=4332&delivery_rate=69762&cwnd=12000&unsent_bytes=0&cid=ed1cc85c01d1003d&ts=36&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 01:10:58 GMT
content-type
image/gif
last-modified
Tue, 02 Jun 2020 19:36:10 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8df9ed161b4f42ca-EWR
accept-ranges
bytes
content-length
230167
server
cloudflare
MDE0ODE1ODQuanBn
imgs.search.brave.com/V9o6cY8rrv0JjlvON2HgzaKNHq5w8boIGl7rPzrarWM/rs:fit:500:0:0:0/g:ce/aHR0cHM6Ly90aHVt/YnMuZHJlYW1zdGlt/ZS5jb20vYi9iaXRj/b2luLWJhbm5lci1o/ZWFkZXItZ29sZC1j/b2luLWNyeXB0b2N1/cnJlbmN...
16 KB
16 KB
Image
General
Full URL
https://imgs.search.brave.com/V9o6cY8rrv0JjlvON2HgzaKNHq5w8boIGl7rPzrarWM/rs:fit:500:0:0:0/g:ce/aHR0cHM6Ly90aHVt/YnMuZHJlYW1zdGlt/ZS5jb20vYi9iaXRj/b2luLWJhbm5lci1o/ZWFkZXItZ29sZC1j/b2luLWNyeXB0b2N1/cnJlbmN5LXNwYWNl/LWJpdGNvaW4tYmFu/bmVyLWhlYWRlci1n/b2xkLWNvaW4tY3J5/cHRvY3VycmVuY3kt/c3BhY2UteW91ci0x/MDE0ODE1ODQuanBn
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27ce:ea00:7:7f8e:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0f31ff9257f02c971c5994ac17e2c76e9c4a75ed79d0919036b80f630ecd1406
Security Headers
Name Value
Content-Security-Policy script-src 'none', sandbox
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

vary
Accept, Origin
x-request-id
NzBcYiMHJReNQbImI1-vg
content-security-policy
script-src 'none', sandbox
cache-control
max-age=2592000, public
x-content-type-options
nosniff
via
1.1 be1c65ef44cd2c4cae9eeabb07ce35a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
16214
x-amz-cf-id
Zw93XBsZhMQbrEbqeQ22rIBikou9EBgKnkjPCDzkT8ji8qM_4LTXYA==
date
Sat, 09 Nov 2024 01:10:58 GMT
content-type
image/webp
content-disposition
inline; filename="bitcoin-banner-header-gold-coin-cryptocurrency-space-bitcoin-banner-header-gold-coin-cryptocurrency-space-your-101481584.webp"
server
nginx
x-amz-cf-pop
IAD55-P7
x-frame-options
DENY
1519798261731
media-exp1.licdn.com/dms/image/C561BAQELfOA4wys97g/company-background_10000/0/
82 KB
83 KB
Image
General
Full URL
https://media-exp1.licdn.com/dms/image/C561BAQELfOA4wys97g/company-background_10000/0/1519798261731?e=2147483647&v=beta&t=NQpJNJArdMc9YifrVTOTdpsQDPGsyY69KDZAoFmDUcg
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:fedd:8b7a:88ab:fc7e:fa3b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D135) /
Resource Hash
270262fced1fda227e7c1e993511a261643169d1c1bceacdb3d605f099b676a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
age
0
x-cdn-proto
HTTP2
x-li-fabric
prod-lva1
x-content-type-options
nosniff
x-li-proto
http/1.1
x-cache
MISS
x-ambry-blob-size
84421
date
Sat, 09 Nov 2024 01:10:58 GMT
content-type
image/jpeg
last-modified
Wed, 11 Mar 2020 11:30:15 GMT
x-cdn-client-ip-version
IPV6
x-li-pop
prod-lva1-x
cache-control
max-age=86400
timing-allow-origin
*
x-cdn
ECST
x-li-uuid
AAYmcIpDGi0u8TVheSeThA==
accept-ranges
bytes
access-control-allow-origin
*
content-length
84421
server
ECAcc (nyd/D135)
hop-error
orders.clickbank.net/
Redirect Chain
  • https://bit.ly/KetoDietPlan-2022
  • https://4da7civfe5-9kdxxn33c3x9l1i.hop.clickbank.net/
  • https://orders.clickbank.net/hop-error?errCode=afblacklisted&destinationUrl=https%3A%2F%2Fyourcustomplan.com%3FhopId%3Dd75ba971-cf17-44bf-8ea9-be0f4f7a5ec7
0
0

728x90.gif
dutchycorp.space/banners/Final-auto/V2/Coins/N/
0
0

6bf84711-73ae-47fb-86c3-db24c92e3cd0.gif
img3.teletype.in/files/6b/f8/
485 KB
486 KB
Image
General
Full URL
https://img3.teletype.in/files/6b/f8/6bf84711-73ae-47fb-86c3-db24c92e3cd0.gif
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f99bfe5b5d2bbef12afe046a58000a27310606b0bd3ec4d71cb7a0083b23ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

service-worker-allowed
/
etag
"f9b0f8d51133612fa8b5355422779457"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BAFcLNYUeI%2BKqLxUa14EqeS9bP0VDTLaZ0vI0GvIM8do6KKrxcW8onA4I%2FJ9C5Hl%2B%2BAcdPV%2BOjolXV9jQU2EXLa4p%2BfP9m5CB1Oq4kiTdQxpKT%2FZi5QR6zcIH6%2FJbKae96tNrFkPWSzM9peVxA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-storage-class
STANDARD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9988&sent=35&recv=21&lost=0&retrans=0&sent_bytes=31273&recv_bytes=5199&delivery_rate=40535&cwnd=24000&unsent_bytes=0&cid=c8e102b72a58e50a&ts=435&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 01:10:58 GMT
x-rgw-object-type
Normal
content-type
image/gif
last-modified
Wed, 28 Jun 2023 17:45:41 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8df9ed14dc3b1967-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
496951
server
cloudflare
Dogecoin468-60-1-1.gif
i.postimg.cc/BZKXcV3k/
611 KB
612 KB
Image
General
Full URL
https://i.postimg.cc/BZKXcV3k/Dogecoin468-60-1-1.gif
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
828b70b0530e105d8706c8f82372c93354a2b9402d15a61be13917e4d33e01a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
626131
date
Sat, 09 Nov 2024 01:11:00 GMT
content-type
image/gif
last-modified
Thu, 16 May 2024 05:22:54 GMT
server
nginx
motorspor-468.gif
crypto-motorsports.com/banner/
449 KB
449 KB
Image
General
Full URL
https://crypto-motorsports.com/banner/motorspor-468.gif
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.38.54.114 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
crypto-motorsports.online
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
86a1fb8720a1e623961325d1e97b0fd1976d5a7cce9b3e7940a7271f6fdd9daa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

Cache-Control
max-age=86400
ETag
"664719ec-704b3"
Connection
keep-alive
Expires
Sun, 10 Nov 2024 01:10:58 GMT
Accept-Ranges
bytes
Content-Length
459955
Date
Sat, 09 Nov 2024 01:10:58 GMT
Content-Type
image/gif
Last-Modified
Fri, 17 May 2024 08:48:44 GMT
Server
nginx/1.18.0 (Ubuntu)
CMM2SMl0rklkYCZ648EXxBR22Maa051c.png
advprofit.ru/images/banners/66558/180030/
0
0

3c627825-0560-4ee8-842d-f5f6e73dd90b.png
img4.teletype.in/files/3c/62/
25 KB
26 KB
Image
General
Full URL
https://img4.teletype.in/files/3c/62/3c627825-0560-4ee8-842d-f5f6e73dd90b.png
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8e7fb707fcc43282be3898ede5f05ebb606f3e2928daeef94503046f149571

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

service-worker-allowed
/
etag
"d9ead81c1023e23b27b5dca938232063"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLWbQHHskTwsFFtbb%2FcwVOhGeZZWUdQMKCkKDwObgvIkIZF2%2BSkWnfwKNFSITRk1l%2BFpTszincBZQ2EF57ljLZXgdTJ2a20ckNmqYdbIX3woIU9WOCyQeX5JiE245BcT4Xqkl%2BQ5yfJ%2F1ijYZAg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-storage-class
STANDARD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11265&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4257&recv_bytes=4726&delivery_rate=1226&cwnd=12000&unsent_bytes=0&cid=c8e102b72a58e50a&ts=394&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 01:10:58 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Thu, 12 Jan 2023 04:01:35 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8df9ed150c731967-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
25689
server
cloudflare
fway.%201).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7KYb4Zzx8GbFZvcb47zKAqWua_ykeR-TbZ_jA3MS-dlwuhia6s7XSRzAHjSxuj9ak75rwFHFS6WJsQSJm9Xj2JtkbHRMoWJgiy6o8ggt9Wn_EhERJpT7QQaflLZlGrod9zDXnhDW0ckcXSmXP...
45 KB
45 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7KYb4Zzx8GbFZvcb47zKAqWua_ykeR-TbZ_jA3MS-dlwuhia6s7XSRzAHjSxuj9ak75rwFHFS6WJsQSJm9Xj2JtkbHRMoWJgiy6o8ggt9Wn_EhERJpT7QQaflLZlGrod9zDXnhDW0ckcXSmXPGyCHXFmXvKtmBu9DjmVLteb0XSsUzIbD-CLNSMv4/w640-h80/fway.%201).jpg
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aba79eb03a7ff56c27983f867ba53604b8599b88708dd980e35b8d3a5a5c732b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v8c5"
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 01:10:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45653
date
Sat, 09 Nov 2024 01:10:58 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="fway. (1).jpg"
bRa4q8.jpg
i.snipboard.io/
Redirect Chain
  • https://snipboard.io/bRa4q8.jpg
  • https://i.snipboard.io/bRa4q8.jpg
51 KB
51 KB
Image
General
Full URL
https://i.snipboard.io/bRa4q8.jpg
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
H2
Server
2600:9000:27ce:2c00:b:576d:5080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40f112c96075f28e1c5326c56e97e8909675314f4e31cbd488d4052864e96acd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/

Response headers

vary
Origin
etag
"14c479ddabb299350272488f3cde56f7"
via
1.1 5afe13d9a6dd513ea0054947fa28dc18.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
52282
x-amz-cf-id
qp6MQe36JM8V-9t68vWQZEWKLmHl9fft50Yue6uf1hnNUMRGRxS6FA==
date
Sat, 09 Nov 2024 01:10:59 GMT
content-type
image/png
last-modified
Fri, 22 Dec 2023 06:30:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7
x-amz-server-side-encryption
AES256

Redirect headers

location
https://i.snipboard.io/bRa4q8.jpg
date
Sat, 09 Nov 2024 01:10:58 GMT
content-type
text/html; charset=utf-8
server
nginx
ad.php
zerads.com/ad/ Frame 98D7
0
0
Document
General
Full URL
https://zerads.com/ad/ad.php?width=728&ref=394
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.208.108 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-2974.zerads.com
Software
Apache /
Resource Hash

Request headers

Referer
https://pastead.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
673
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Nov 2024 01:10:58 GMT
Keep-Alive
timeout=5, max=50
Server
Apache
Vary
Accept-Encoding,User-Agent
236
waaap.net/ad_c/
0
0

pop.php
zerads.com/ad/ Frame EB4B
0
0
Document
General
Full URL
https://zerads.com/ad/pop.php?ref=394
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.208.108 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-2974.zerads.com
Software
Apache /
Resource Hash

Request headers

Referer
https://pastead.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
21
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Nov 2024 01:10:58 GMT
Keep-Alive
timeout=5, max=50
Server
Apache
Vary
Accept-Encoding,User-Agent
back.jpg
pastead.com/img/
315 B
315 B
Image
General
Full URL
https://pastead.com/img/back.jpg
Requested by
Host: pastead.com
URL: https://pastead.com/?promote=3944
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.208.108 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-2974.zerads.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pastead.com/?promote=3944

Response headers

Keep-Alive
timeout=5, max=48
Content-Length
315
Date
Sat, 09 Nov 2024 01:10:58 GMT
Content-Type
text/html; charset=iso-8859-1
Server
Apache
Connection
Keep-Alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
orders.clickbank.net
URL
https://orders.clickbank.net/hop-error?errCode=afblacklisted&destinationUrl=https%3A%2F%2Fyourcustomplan.com%3FhopId%3Dd75ba971-cf17-44bf-8ea9-be0f4f7a5ec7
Domain
dutchycorp.space
URL
https://dutchycorp.space/banners/Final-auto/V2/Coins/N/728x90.gif
Domain
advprofit.ru
URL
https://advprofit.ru/images/banners/66558/180030/CMM2SMl0rklkYCZ648EXxBR22Maa051c.png
Domain
waaap.net
URL
https://waaap.net/ad_c/236

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| show_new_form2

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://dutchycorp.space/banners/Final-auto/V2/Coins/N/728x90.gif
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://pastead.com/img/back.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://pastead.com/?promote=3944
Message:
Access to fetch at 'https://waaap.net/ad_c/236' from origin 'https://pastead.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://waaap.net/ad_c/236
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
