sjsabb.com
2a01:4f8:c0:2f03::2
Public Scan
Submission Tags: 0xscam
Submission: On April 19 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 1st 2024. Valid for: 3 months.
This is the only time sjsabb.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 3 | 2a01:4f8:c0:2f03::2 | 24940 (HETZNER-AS) |
1 1 | 2a02:128:7:4966::2 | 50245 (SERVEREL-AS) |
1 | 2a02:6ea0:c700::11 | 60068 (CDN77 _) |
3 | 2 |
| Apex Domain / Subdomains | Transfer |
---|---|---|
3 | sjsabb.com (1 redirects): sjsabb.com — Cisco Umbrella Rank: 270171 | 2 KB |
1 | magsrv.com: a.magsrv.com — Cisco Umbrella Rank: 13071 | |
1 | zog.link (1 redirects): btds.zog.link — Cisco Umbrella Rank: 67638 | 406 B |
3 | 3 |
| Domain | Requested by |
---|---|---|
3 | sjsabb.com (1 redirects) | |
1 | a.magsrv.com | sjsabb.com |
1 | btds.zog.link (1 redirects) | |
3 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
rtbbnr.com R3 | 2024-03-01 - 2024-05-30 | 3 months | crt.sh |
magsrv.com R3 | 2024-02-27 - 2024-05-27 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://sjsabb.com/get?go=1&data=[base64 payload removed]
Frame ID: D4398235A5971AB4A1508E29133C35D5
Requests: 2 HTTP requests in this frame
Frame:
https://a.magsrv.com/iframe.php?idzone=4187214&size=728x90&sub=1683450742&tags=,cryptocurrency
Frame ID: 786766A60C5DEC816B8BC4BE779AF1C5
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://sjsabb.com/banner/in/show/?mid=730113948360575155&pid=0&site=31270&sc=DE&usage_type=DCH&subid=1683450742&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=vxxx.com&hostname=auc-banner-hz-10&site_id=0&spot_id=31270&utm_source=mck&utm_medium=10127&utm_campaign=57367633&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&pop_winurl=&ip=2a01:4a0:1338:92::10&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=default&iabcat=IAB25&min_cpm=0.004197&placement_type_id=12&skin_test=&verify_hash=&score=0.3281342091634809&ml=&tag_ab=a&v2=0&ttl=&space_id=31270&banner_width=728&banner_height=90&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D31270%26source%3D1683450742%26idzone%3D4187214%26w%3D728%26h%3D90%26mo%3DMacintosh%26ve%3DApple%26site_id%3D31270%26utm1%3Dmck%26utm2%3D10127%26utm3%3D57367633%26utm4%3D%26ad_tags%3D%2Ccryptocurrency%26spot_id%3D31270%26p%3Dhttps%253A%252F%252Fvxxx.com%252Fvideo-1284851%252F%253Fcampaign%253D10127%26katds_labels%3D%26btype%3D0%26score%3D0.3281342091634809%26bf%3D0.004197%26dr%3Dvxxx.com&pr=hotmovs.com&bid_crid=&bid_cid=&is_iframe=0&ad_tags=,cryptocurrency&stratagem=&ssp=3756&refresh=1&priority=0&bb=0.004197&label_ids=&site_id64=0&client_price=&container=ClickadillaTuple&original_bid_usd=0&comeback=&topics=&o_d=&ectr=0 HTTP 302
- https://btds.zog.link/in/912/?sid=31270&source=1683450742&idzone=4187214&w=728&h=90&mo=Macintosh&ve=Apple&site_id=31270&utm1=mck&utm2=10127&utm3=57367633&utm4=&ad_tags=,cryptocurrency&spot_id=31270&p=https%3A%2F%2Fvxxx.com%2Fvideo-1284851%2F%3Fcampaign%3D10127&katds_labels=&btype=0&score=0.3281342091634809&bf=0.004197&dr=vxxx.com HTTP 302
- https://a.magsrv.com/iframe.php?idzone=4187214&size=728x90&sub=1683450742&tags=,cryptocurrency
3 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | get (Primary Request) sjsabb.com/ | 5 KB 2 KB | Document text/html |
GET H2 | iframe.php a.magsrv.com/ (Frame 7867, Redirect Chain) | 0 0 | Document text/html |
GET H2 | favicon.ico sjsabb.com/ | 18 B 96 B | Other text/plain |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
btds.zog.link/ | | Name: 912.0 Value: 1 |
btds.zog.link/ | | Name: 1624.0 Value: 1 |
btds.zog.link/ | | Name: 1629.0 Value: 1 |
.magsrv.com/ | | Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2266223cd5ad3e99.63095607230367512%22%3B%7D |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.