bjvysc.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is bjvysc.com.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.

This is the only time bjvysc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::ac43:a69f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.7 185.66.201.7	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	185.56.234.205 185.56.234.205	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	4

2 2606:4700:3036::ac43:a69f (United States)

ASN13335 (CLOUDFLARENET, US)

eco-subsidies.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.42 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

qoaaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.7 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.7.skhosting.eu

ofaba.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.56.234.205 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

bjvysc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bjvysc.com bjvysc.com	54 KB
2	eco-subsidies.buzz eco-subsidies.buzz	1 KB
1	ofaba.live ofaba.live — Cisco Umbrella Rank: 596185	330 B
1	qoaaa.com qoaaa.com — Cisco Umbrella Rank: 310544	769 B
7	4

	Domain	Requested by
3	bjvysc.com	ofaba.live bjvysc.com
2	eco-subsidies.buzz	eco-subsidies.buzz
1	ofaba.live	qoaaa.com
1	qoaaa.com	eco-subsidies.buzz
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.eco-subsidies.buzz E1	`2022-11-20` - `2023-02-18`	3 months	crt.sh
qoaaa.com R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
ofaba.live R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
bjvysc.com R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522
Frame ID: 4F9BC4AC93E37EFCB5F7303EDA126A49
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bot check

Page URL History Show full URLs

https://eco-subsidies.buzz/datafifa/KF0tdqt4FmAmTrbJmvZ6cn?1669358873279 Page URL
https://qoaaa.com/9da0588a9b1526cafb37/1b10798554/?placementName=default Page URL
https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Fbot-detect%3Fh%3DwaWQiOjEwMjYxMTMsInNpZ... Page URL
https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn... Page URL

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

56 kB
Transfer

65 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eco-subsidies.buzz/datafifa/KF0tdqt4FmAmTrbJmvZ6cn?1669358873279 Page URL
https://qoaaa.com/9da0588a9b1526cafb37/1b10798554/?placementName=default Page URL
https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Fbot-detect%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1669358970aff7d3c6e4862872a528a582%26si1%3D29022522%26si2%3D29022522&do=8e84444b033a5281a3b4a7505e3a0d6d Page URL
https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	KF0tdqt4FmAmTrbJmvZ6cn Show response eco-subsidies.buzz/datafifa/	627 B 919 B	428ms 367ms	Document text/html	2606:4700:3036::ac43:a69f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eco-subsidies.buzz/datafifa/KF0tdqt4FmAmTrbJmvZ6cn?1669358873279 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a69f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02c85a72e22af199cf148a936b41ca63bdc8c75129bf5079b347bfbb68cd8222` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 76f871d9bc9f9a05-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Nov 2022 06:49:30 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtiMBlofY1QBTp%2BYDuf4JR2LDKJt5Rl6jibYZxfZ7xRee2Dkm%2FYrmpX5i7Ccl9hVz3pekTwsH1NMnYf%2Fpf%2FBFRd4tdOvIz5z221gv6Sg%2FPlVPsVQkWa%2FPvZIeXvSe3UI8QS172jv%2BXhwfDyAtuW%2FixI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jp.php Show response eco-subsidies.buzz/datafifa/api/	577 B 587 B	178ms 178ms	Script application/javascript	2606:4700:3036::ac43:a69f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eco-subsidies.buzz/datafifa/api/jp.php Requested by Host: eco-subsidies.buzz URL: https://eco-subsidies.buzz/datafifa/KF0tdqt4FmAmTrbJmvZ6cn?1669358873279 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a69f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `882ae828b239e9aca4d4e1595870d8b631e15c5d042e0b5a4cde896e69d7887f` Request headers accept-language de-DE,de;q=0.9 Referer https://eco-subsidies.buzz/datafifa/KF0tdqt4FmAmTrbJmvZ6cn?1669358873279 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 06:49:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhp0ix0pq2xw%2F067EumcJzGZ6%2FGmUqpDLJW1fT3Hf2lQ9HvaxcZF85v8SfKPE6tBf0b3HP%2FeDUC8hhXFIPL9kSlrvMFSpdAbtGd5kd9T%2FZEtHQzsTrSIWh70Hkbjbn1WRvEq04J7%2Fkar%2B1yiSNyuD6w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control no-store, no-cache, must-revalidate cf-ray 76f871dc09f79a05-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	/ qoaaa.com/9da0588a9b1526cafb37/1b10798554/	726 B 769 B	134ms 69ms	Document text/html	185.66.201.42 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://qoaaa.com/9da0588a9b1526cafb37/1b10798554/?placementName=default Requested by Host: eco-subsidies.buzz URL: https://eco-subsidies.buzz/datafifa/api/jp.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.201.42 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS affilist.com Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Nov 2022 06:49:30 GMT expires Sun, 01 Jan 2014 00:00:00 GMT pragma no-cache server nginx x-robots-tag noindex,nofollow
GET H2	200	go.php ofaba.live/	683 B 330 B	117ms 26ms	Document text/html	185.66.201.7 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Fbot-detect%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1669358970aff7d3c6e4862872a528a582%26si1%3D29022522%26si2%3D29022522&do=8e84444b033a5281a3b4a7505e3a0d6d Requested by Host: qoaaa.com URL: https://qoaaa.com/9da0588a9b1526cafb37/1b10798554/?placementName=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.201.7 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.201.7.skhosting.eu Software nginx / Resource Hash Request headers Referer https://qoaaa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Nov 2022 06:49:30 GMT server nginx
GET H2	200	Primary Request bot-detect Show response bjvysc.com/	21 KB 12 KB	64ms 21ms	Document text/html	185.56.234.205 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 Requested by Host: ofaba.live URL: https://ofaba.live/go.php?go=https%3A%2F%2Fbjvysc.com%2Fbot-detect%3Fh%3DwaWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0%3DeyJ%26click_id%3D30affC1669358970aff7d3c6e4862872a528a582%26si1%3D29022522%26si2%3D29022522&do=8e84444b033a5281a3b4a7505e3a0d6d Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.1 / Resource Hash `80482790a590c1518bec3351e10fc98021d2785465011675d6edb0d553ddf5f2` Request headers Referer https://ofaba.live/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 25 Nov 2022 06:49:30 GMT server nginx/1.21.1 vary Accept-Encoding x-zone eu3
GET H2	200	arrow.png bjvysc.com/images/bot-detect/	7 KB 8 KB	17ms 16ms	Image image/png	185.56.234.205 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bjvysc.com/images/bot-detect/arrow.png Requested by Host: bjvysc.com URL: https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.1 / Resource Hash `1e33356964f2769244bb45448d9b0680582b69f344b4f09fa85231efaf05adc2` Request headers accept-language de-DE,de;q=0.9 Referer https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 06:49:30 GMT last-modified Mon, 21 Nov 2022 11:53:43 GMT server nginx/1.21.1 etag "637b66c7-1d94" content-type image/png accept-ranges bytes x-zone eu content-length 7572
GET H2	200	robot-men.png bjvysc.com/images/bot-detect/	35 KB 35 KB	17ms 17ms	Image image/png	185.56.234.205 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bjvysc.com/images/bot-detect/robot-men.png Requested by Host: bjvysc.com URL: https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.1 / Resource Hash `5c3c942fb9cd53092d8fffd0b3fac34138146959b4febc788be7e919232008b9` Request headers accept-language de-DE,de;q=0.9 Referer https://bjvysc.com/bot-detect?h=waWQiOjEwMjYxMTMsInNpZCI6MTE1ODM1NSwid2lkIjozOTg5MzIsInNyYyI6Mn0=eyJ&click_id=30affC1669358970aff7d3c6e4862872a528a582&si1=29022522&si2=29022522 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 06:49:30 GMT last-modified Mon, 21 Nov 2022 11:53:43 GMT server nginx/1.21.1 etag "637b66c7-8ab7" content-type image/png accept-ranges bytes x-zone eu3 content-length 35511

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| edPushSDK

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qoaaa.com/9da0588a9b1526cafb37/1b10798554	1970-01-20 07:44:05	Name: shown1 Value: 0
qoaaa.com/9da0588a9b1526cafb37/1b10798554	1970-01-20 07:43:58	Name: total_impressions Value: 1
eco-subsidies.buzz/	1970-01-20 07:42:39	Name: sid Value: q8hrsc4l2e60cullmunaksrdf8
qoaaa.com/	1970-01-20 07:43:58	Name: used_ad2834414 Value: 1
.bjvysc.com/	1970-01-20 07:44:05	Name: truniq Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bjvysc.com
eco-subsidies.buzz
ofaba.live
qoaaa.com
185.56.234.205
185.66.201.42
185.66.201.7
2606:4700:3036::ac43:a69f
02c85a72e22af199cf148a936b41ca63bdc8c75129bf5079b347bfbb68cd8222
1e33356964f2769244bb45448d9b0680582b69f344b4f09fa85231efaf05adc2
5c3c942fb9cd53092d8fffd0b3fac34138146959b4febc788be7e919232008b9
80482790a590c1518bec3351e10fc98021d2785465011675d6edb0d553ddf5f2
882ae828b239e9aca4d4e1595870d8b631e15c5d042e0b5a4cde896e69d7887f

bjvysc.com Open in urlscan Pro 185.56.234.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

56 kBTransfer

65 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

bjvysc.com Open in urlscan Pro
185.56.234.205 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

56 kB
Transfer

65 kB
Size

5
Cookies

7 HTTP transactions
0 data transactions