ad2bitcoin.com Open in urlscan Pro
162.0.208.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ad2bitcoin.com/ad.php?ref=agony554&width=728
Submission Tags: phishing
Submission: On October 09 via api (October 9th 2023, 12:30:20 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 162.0.208.108, located in United States and belongs to NAMECHEAP-NET, US. The main domain is ad2bitcoin.com. The Cisco Umbrella rank of the primary domain is 693172.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 20th 2023. Valid for: 3 months.

This is the only time ad2bitcoin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	162.0.208.108 162.0.208.108	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.65.121.78 68.65.121.78	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	78.46.33.196 78.46.33.196	24940 (HETZNER-AS) (HETZNER-AS)
14	5

4 162.0.208.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-2974.zerads.com

ad2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dogeminers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
file2btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.65.121.78 (New Kensington, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.autotradelot.com

freezeroco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.46.33.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.33.46.78.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 160266 static.a-ads.com — Cisco Umbrella Rank: 46836 ad.a-ads.com — Cisco Umbrella Rank: 35458	2 MB
3	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 286196	55 KB
2	ad2bitcoin.com ad2bitcoin.com — Cisco Umbrella Rank: 693172	2 KB
1	freezeroco.in freezeroco.in	512 B
1	file2btc.com file2btc.com	454 B
1	dogeminers.net dogeminers.net	476 B
14	6

	Domain	Requested by
3	static.a-ads.com	acceptable.a-ads.com ad.a-ads.com
3	cryptocoinsad.com	ad2bitcoin.com freezeroco.in cryptocoinsad.com
2	acceptable.a-ads.com	dogeminers.net file2btc.com
2	ad2bitcoin.com	ad2bitcoin.com
1	ad.a-ads.com	ad2bitcoin.com
1	freezeroco.in	ad2bitcoin.com
1	file2btc.com	ad2bitcoin.com
1	dogeminers.net	ad2bitcoin.com
14	8

This site contains no links.

Subject Issuer	Validity	Valid
ad2bitcoin.com cPanel, Inc. Certification Authority	`2023-08-20` - `2023-11-18`	3 months	crt.sh
cryptocoinsad.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.dogeminers.net R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.file2btc.com R3	`2023-09-22` - `2023-12-21`	3 months	crt.sh
freezeroco.in cPanel, Inc. Certification Authority	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://ad2bitcoin.com/ad.php?ref=agony554&width=728
Frame ID: 7A25EFF49E130E60A63779D6E323EE28
Requests: 3 HTTP requests in this frame

Frame: https://ad2bitcoin.com/adqlt.php?ref=agony554&keycode=9123
Frame ID: 43757EA700EF7F37EFC20670DE1F4F89
Requests: 1 HTTP requests in this frame

Frame: https://dogeminers.net/aads.php
Frame ID: FCF253E5FA2179350BC7BED8FA454182
Requests: 1 HTTP requests in this frame

Frame: https://file2btc.com/ads.php
Frame ID: F7E449845D66C11F9A71F73A73D20472
Requests: 1 HTTP requests in this frame

Frame: https://freezeroco.in/728x90b.php
Frame ID: 471C1F374E2A8F9F6B134B16D8EEFDE1
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1703011?size=468x60
Frame ID: 988F02BEDDAD43EC1960B21ED1331AD6
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1699190?size=728x90
Frame ID: B4CD6561B2B359A283EC3C55A7FC8384
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1110727?size=728x90
Frame ID: ECC8A30F4347FB77A36EE5749CCDBE29
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=252146&b=393139
Frame ID: 5755B8540FF2DEFCD9415559A04E794F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

1856 kB
Transfer

1906 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ad.php Show response
ad2bitcoin.com/ 2 KB
2 KB 768ms
158ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

ad2bitcoin.com Open in urlscan Pro 162.0.208.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

5 IPs

2 Countries

1856 kBTransfer

1906 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

ad2bitcoin.com Open in urlscan Pro
162.0.208.108 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

1856 kB
Transfer

1906 kB
Size

0
Cookies

14 HTTP transactions
2 data transactions