ad2bitcoin.com Open in urlscan Pro
23.95.12.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Submission: On April 17 via api (April 17th 2020, 8:55:05 pm UTC) from CL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 12 HTTP transactions. The main IP is 23.95.12.219, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is ad2bitcoin.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 4th 2020. Valid for: 3 months.

This is the only time ad2bitcoin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.95.12.219 23.95.12.219	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	107.172.10.124 107.172.10.124	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	23.91.69.195 23.91.69.195	62729 (ASMALLORA...) (ASMALLORANGE1)
3	2606:4700:20:... 2606:4700:20::681a:964	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.94.144.154 23.94.144.154	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	23.95.12.218 23.95.12.218	36352 (AS-COLOCR...) (AS-COLOCROSSING)
2	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
12	7

2 23.95.12.219 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-12-219-host.colocrossing.com

ad2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.172.10.124 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: tabib4you.com

amazingfreebitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.91.69.195 (Austin, United States)

ASN62729 (ASMALLORANGE1, US)
PTR: server1.membershipsitehosting.com

www.securebannerhosting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:964 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gab.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.94.144.154 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-94-144-154-host.colocrossing.com

cuturl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adalso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.95.12.218 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-12-218-host.colocrossing.com

tomygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gab.ag www.gab.ag
2	a-ads.com ad.a-ads.com
2	ad2bitcoin.com ad2bitcoin.com	3 KB
1	adalso.com adalso.com
1	tomygame.com tomygame.com
1	cuturl.cc cuturl.cc
1	securebannerhosting.com www.securebannerhosting.com	51 KB
1	amazingfreebitcoin.com amazingfreebitcoin.com	996 B
12	8

	Domain	Requested by
3	www.gab.ag	ad2bitcoin.com
2	ad.a-ads.com	ad2bitcoin.com
2	ad2bitcoin.com	ad2bitcoin.com
1	adalso.com	ad2bitcoin.com
1	tomygame.com	ad2bitcoin.com
1	cuturl.cc	ad2bitcoin.com
1	www.securebannerhosting.com	ad2bitcoin.com
1	amazingfreebitcoin.com	ad2bitcoin.com
12	8

This site contains no links.

Subject Issuer	Validity	Valid
ad2bitcoin.com cPanel, Inc. Certification Authority	`2020-03-04` - `2020-06-02`	3 months	crt.sh
amazingfreebitcoin.com cPanel, Inc. Certification Authority	`2020-03-03` - `2020-06-01`	3 months	crt.sh
securebannerhosting.com cPanel, Inc. Certification Authority	`2020-02-20` - `2020-05-20`	3 months	crt.sh
gab.ag CloudFlare Inc ECC CA-2	`2019-06-04` - `2020-06-03`	a year	crt.sh
cuturl.cc cPanel, Inc. Certification Authority	`2020-02-26` - `2020-05-26`	3 months	crt.sh
tomygame.com cPanel, Inc. Certification Authority	`2020-03-04` - `2020-06-02`	3 months	crt.sh
adalso.com cPanel, Inc. Certification Authority	`2020-02-26` - `2020-05-26`	3 months	crt.sh
*.a-ads.com COMODO RSA Domain Validation Secure Server CA	`2018-11-14` - `2020-12-09`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Frame ID: B7A2A11F6FC807DE64532E212B5BA2DB
Requests: 3 HTTP requests in this frame

Frame: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Frame ID: 95805AEB608E8F4AB49CC68691A9A3CB
Requests: 1 HTTP requests in this frame

Frame: https://www.gab.ag/
Frame ID: 2575EC8F5E428383BE8CCB63A136D2C2
Requests: 1 HTTP requests in this frame

Frame: https://cuturl.cc/aads.php
Frame ID: 81177DC23DA9C519EE0D7BEAD1D259D7
Requests: 1 HTTP requests in this frame

Frame: https://tomygame.com/coinzilla.php
Frame ID: ABE1B7F4F599809EA7CAA65F4931345D
Requests: 1 HTTP requests in this frame

Frame: https://www.gab.ag/
Frame ID: ABFA55100EDA24B5213DDAD94739D773
Requests: 1 HTTP requests in this frame

Frame: https://www.gab.ag/
Frame ID: 8AFFEA0A22898C341A3C2A4FA8E31ED3
Requests: 1 HTTP requests in this frame

Frame: https://adalso.com/adz/aads468.php
Frame ID: 6866A599A8425E82FEE6A6CA00F42040
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1139569?size=300x250
Frame ID: 366FF505C51DCBED70F7529C937E15CF
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1110727?size=728x90
Frame ID: B2E7179C30538D41C3E6B2526AEFCF85
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

55 kB
Transfer

54 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ad.php Show response
ad2bitcoin.com/ 1 KB
2 KB 375ms
139ms Document
text/html 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 6fe7fa920f802dee54e1899b83b21316198e1d953919d5619e9d577a300a43e1

Request headers

Host: ad2bitcoin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 20:54:39 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ic.png
amazingfreebitcoin.com/ 754 B
996 B 362ms
120ms Image
image/png 107.172.10.124
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazingfreebitcoin.com/ic.png
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.172.10.124 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: tabib4you.com
Software: Apache /
Resource Hash: 9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97

Request headers

Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 20:54:40 GMT
Last-Modified: Tue, 14 Jan 2020 07:11:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 754

GET
H/1.1 200
OK 19-15868686292013613399.jpg
www.securebannerhosting.com/banners/ 51 KB
51 KB 508ms
157ms Image
image/jpeg 23.91.69.195
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securebannerhosting.com/banners/19-15868686292013613399.jpg
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.91.69.195 Austin, United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: server1.membershipsitehosting.com
Software: Apache /
Resource Hash: 035a1601aa55e0ee76338af651eb0627e993870e391e2badf4bbfeef99e2346b

Request headers

Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 20:54:40 GMT
Last-Modified: Tue, 14 Apr 2020 12:50:29 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=512
Content-Length: 51886

GET
H/1.1 200
OK adqlt.php Show response
ad2bitcoin.com/ Frame 9580 1 KB
2 KB 388ms
169ms Document
text/html 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 3631dc18227618d5563a11c239c0d77d880320ab6fe2fe05eede2cf271dc57c5

Request headers

Host: ad2bitcoin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300

Response headers

Date: Fri, 17 Apr 2020 20:54:39 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
www.gab.ag/ Frame 2575 0
0 2217ms
2193ms Document
text/html 2606:4700:20::681a:964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gab.ag/
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.gab.ag
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

status: 200
date: Fri, 17 Apr 2020 20:54:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3b19e24cef438a1ef006f27381b249601587156881; expires=Sun, 17-May-20 20:54:41 GMT; path=/; domain=.gab.ag; HttpOnly; SameSite=Lax evo_session=e6nu009ep812mei2uk4aqi5fh3a6v5ec; expires=Fri, 17-Apr-2020 22:54:43 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58590aea9b3d636b-FRA
content-encoding: br
cf-request-id: 022b85269c0000636ba39f9200000001

GET
H/1.1 200
OK aads.php
cuturl.cc/ Frame 8117 0
0 340ms
114ms Document
text/html 23.94.144.154
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://cuturl.cc/aads.php
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.94.144.154 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-94-144-154-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: cuturl.cc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

Date: Fri, 17 Apr 2020 20:54:41 GMT
Server: Apache
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK coinzilla.php
tomygame.com/ Frame ABE1 0
0 4582ms
133ms Document
text/html 23.95.12.218
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://tomygame.com/coinzilla.php
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.218 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-218-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: tomygame.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

Date: Fri, 17 Apr 2020 20:54:44 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
www.gab.ag/ Frame ABFA 0
0 192ms
173ms Document
text/html 2606:4700:20::681a:964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gab.ag/
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.gab.ag
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

status: 200
date: Fri, 17 Apr 2020 20:54:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3b19e24cef438a1ef006f27381b249601587156881; expires=Sun, 17-May-20 20:54:41 GMT; path=/; domain=.gab.ag; HttpOnly; SameSite=Lax evo_session=dg1es697ld3jadl7kjmceluk61nbssro; expires=Fri, 17-Apr-2020 22:54:41 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58590aea9b3e636b-FRA
content-encoding: br
cf-request-id: 022b85269c0000636ba39fa200000001

GET
H2 200 /
www.gab.ag/ Frame 8AFF 0
0 4173ms
4155ms Document
text/html 2606:4700:20::681a:964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gab.ag/
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.gab.ag
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

status: 200
date: Fri, 17 Apr 2020 20:54:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3b19e24cef438a1ef006f27381b249601587156881; expires=Sun, 17-May-20 20:54:41 GMT; path=/; domain=.gab.ag; HttpOnly; SameSite=Lax evo_session=a3ac817lpm09ljj1i6ali0stg2oumki8; expires=Fri, 17-Apr-2020 22:54:45 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58590aea9b3f636b-FRA
content-encoding: br
cf-request-id: 022b85269c0000636ba39fb200000001

GET
H/1.1 200
OK aads468.php
adalso.com/adz/ Frame 6866 0
0 370ms
124ms Document
text/html 23.94.144.154
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://adalso.com/adz/aads468.php
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.94.144.154 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-94-144-154-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: adalso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/adqlt.php?ref=MarthaQS&keycode=9794

Response headers

Date: Fri, 17 Apr 2020 20:54:41 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 241
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK 1139569
ad.a-ads.com/ Frame 366F 0
0 47ms
47ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1139569?size=300x250

Requested by

Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 17 Apr 2020 20:54:42 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 1110727
ad.a-ads.com/ Frame B2E7 0
0 41ms
41ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1110727?size=728x90

Requested by

Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ad2bitcoin.com/ad.php?ref=MarthaQS&width=300

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 17 Apr 2020 20:54:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gab.ag/	1970-01-19 08:54:03	Name: rekmob_last_seen_919956eb9c744e1a84dc80611f1c4435 Value: 1587156887584
			www.gab.ag/	1970-01-19 08:54:03	Name: rekmob_last_seen_449301397e8e42a9922ea633e3eb3fda Value: 1587156887267

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad2bitcoin.com
adalso.com
amazingfreebitcoin.com
cuturl.cc
tomygame.com
www.gab.ag
www.securebannerhosting.com
107.172.10.124
148.251.53.118
23.91.69.195
23.94.144.154
23.95.12.218
23.95.12.219
2606:4700:20::681a:964
035a1601aa55e0ee76338af651eb0627e993870e391e2badf4bbfeef99e2346b
3631dc18227618d5563a11c239c0d77d880320ab6fe2fe05eede2cf271dc57c5
6fe7fa920f802dee54e1899b83b21316198e1d953919d5619e9d577a300a43e1
9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97

ad2bitcoin.com Open in urlscan Pro 23.95.12.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

7 IPs

2 Countries

55 kBTransfer

54 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

ad2bitcoin.com Open in urlscan Pro
23.95.12.219 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

55 kB
Transfer

54 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions