urlscan.io logo urlscan.io
SecurityTrails logo

bjvysc.com Open in urlscan Pro
185.56.234.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sponsor-nggift.click/worldcupfifa/?1670252227661
Effective URL: https://bjvysc.com/access-website?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0=eyJ&click_id=3...
Submission: On December 05 via manual — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is bjvysc.com.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.
This is the only time bjvysc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 185.66.201.42 201702 (SKHOSTING-EU)
1 185.66.201.7 201702 (SKHOSTING-EU)
1 185.56.234.205 39572 (ADVANCEDH...)
5 4
Apex Domain
Subdomains		 Transfer
2 sponsor-nggift.click
sponsor-nggift.click
2 KB
1 bjvysc.com
bjvysc.com
12 KB
1 ofaba.live
ofaba.live — Cisco Umbrella Rank: 791001
329 B
1 qoaaa.com
qoaaa.com — Cisco Umbrella Rank: 468420
767 B
5 4
Domain Requested by
2 sponsor-nggift.click sponsor-nggift.click
1 bjvysc.com ofaba.live
1 ofaba.live qoaaa.com
1 qoaaa.com sponsor-nggift.click
5 4

This site contains no links.

Subject Issuer Validity Valid
*.sponsor-nggift.click
E1		 2022-11-23 -
2023-02-21		 3 months crt.sh
qoaaa.com
R3		 2022-10-05 -
2023-01-03		 3 months crt.sh
ofaba.live
R3		 2022-11-14 -
2023-02-12		 3 months crt.sh
bjvysc.com
R3		 2022-11-30 -
2023-02-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bjvysc.com/access-website?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0=eyJ&click_id=30affC1670256712affc550593388900a446a872&si1=29285321&si2=29285321
Frame ID: 7EABC5BA48B4A4D1B96FFD33C1CA941B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access website

Page URL History Show full URLs

  1. https://sponsor-nggift.click/worldcupfifa/?1670252227661 Page URL
  2. https://qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e/?placementName=default Page URL
  3. https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Faccess-website%3Fh%3DwaWQiOjEwMjYxMTMsI... Page URL
  4. https://bjvysc.com/access-website?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYy... Page URL

Page Statistics

5
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

15 kB
Transfer

25 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sponsor-nggift.click/worldcupfifa/?1670252227661 Page URL
  2. https://qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e/?placementName=default Page URL
  3. https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Faccess-website%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1670256712affc550593388900a446a872%26si1%3D29285321%26si2%3D29285321&do=d089e5cd4e7cc9dbdaa2d64eaf11b27e Page URL
  4. https://bjvysc.com/access-website?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0=eyJ&click_id=30affC1670256712affc550593388900a446a872&si1=29285321&si2=29285321 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sponsor-nggift.click/worldcupfifa/ 		859 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sponsor-nggift.click/worldcupfifa/?1670252227661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454b093729854b57bab14ef96e91f4bfc611ab88536fea32126eab3f64c563fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
774e0f6019d81caa-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 16:11:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfSbK3%2F6%2FNlOiYPOFY6fhjF5cW4pSMun%2FWUyjaFhelexir0yOV0T9D3buNzaVsxfVy2wn%2F2qg6HHdxR3KMEWT%2BxLkONh9G33u%2BK85Jo6i6Vb%2BPR8MXGW7SobtuyAsv1PxrQWQNT42QF83fnsoAFzTxP4Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jp.php
sponsor-nggift.click/worldcupfifa/api/ 		638 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sponsor-nggift.click/worldcupfifa/api/jp.php
Requested by
Host: sponsor-nggift.click
URL: https://sponsor-nggift.click/worldcupfifa/?1670252227661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f1b80916c5c44a04e67318847617eae9493c78094f523da5233b8341bbe575

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sponsor-nggift.click/worldcupfifa/?1670252227661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 16:11:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iC0UU2PDAknSd1IH82CLgzu1mXs7TWX7Yb7FkleMzyp%2BR5sF31DfxfdklZxgRmtdSeAToydODxzby%2FygiqnKkR2EWCuLru7VzrIahvF3jn1idvnFoAmzZlCUPVSJUrWa2IDu%2B%2F940BxK98Q26n1605x9Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
774e0f627d591caa-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e/ 		734 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e/?placementName=default
Requested by
Host: sponsor-nggift.click
URL: https://sponsor-nggift.click/worldcupfifa/api/jp.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 16:11:52 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex,nofollow
go.php
ofaba.live/ 		691 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Faccess-website%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1670256712affc550593388900a446a872%26si1%3D29285321%26si2%3D29285321&do=d089e5cd4e7cc9dbdaa2d64eaf11b27e
Requested by
Host: qoaaa.com
URL: https://qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e/?placementName=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.7 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.7.skhosting.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://qoaaa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 16:11:52 GMT
server
nginx
Primary Request access-website
bjvysc.com/ 		22 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bjvysc.com/access-website?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0=eyJ&click_id=30affC1670256712affc550593388900a446a872&si1=29285321&si2=29285321
Requested by
Host: ofaba.live
URL: https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Faccess-website%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzYsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1670256712affc550593388900a446a872%26si1%3D29285321%26si2%3D29285321&do=d089e5cd4e7cc9dbdaa2d64eaf11b27e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
0651ac6573f33697a68271d51867e5a8334e023524cd5c45cc8606ee9c104b11

Request headers

Referer
https://ofaba.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 16:11:52 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| edPushSDK

5 Cookies

Domain/Path Name / Value
qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e Name: shown1
Value: 0
qoaaa.com/7987c9ea3c6d567301b1/ca312ef06e Name: total_impressions
Value: 1
sponsor-nggift.click/ Name: sid
Value: 4hn4q1v47tn1988g9lgh2pf7dd
qoaaa.com/ Name: used_ad2834783
Value: 1
.bjvysc.com/ Name: truniq
Value: 1