Submitted URL: https://yzsbdh.com/#ne
Effective URL: https://webaaa.cc/ARyX5AJNKdFb/
Submission Tags: 0xscam
Submission: On March 16 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 1 country across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::6815:5259, located in United States and belongs to CLOUDFLARENET, US. The main domain is webaaa.cc.
TLS certificate: Issued by E1 on March 7th 2024. Valid for: 3 months.
This is the only time webaaa.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain    Subdomains                        Transfer
4         yzsbdh.com     yzsbdh.com                        6 KB
3         webaaa.cc      webaaa.cc                         6 KB
2         histats.com    s10.histats.com, s4.histats.com   5 KB
1         bytecdntp.com  lf6-cdn-tos.bytecdntp.com         31 KB
0         qq.com         qzone.qq.com (failed)
Total: 12 requests, 5 apex domains
Requests  Domain                     Requested by
4         yzsbdh.com                 1 redirect; yzsbdh.com
3         webaaa.cc                  webaaa.cc, yzsbdh.com
1         s4.histats.com             s10.histats.com
1         s10.histats.com            webaaa.cc, s10.histats.com
1         lf6-cdn-tos.bytecdntp.com  webaaa.cc
0         qzone.qq.com (failed)      lf6-cdn-tos.bytecdntp.com
Total: 12 requests, 6 subdomains

This site contains no links.

Subject                Issuer                   Validity                  Valid for  Source
yzsbdh.com             GTS CA 1P5               2024-03-14 - 2024-06-12   3 months   crt.sh
webaaa.cc              E1                       2024-03-07 - 2024-06-05   3 months   crt.sh
*.bytecdntp.com        RapidSSL TLS RSA CA G1   2023-06-30 - 2024-06-28   a year     crt.sh
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2023-05-13 - 2024-05-11   a year     crt.sh
histats.com            R3                       2024-02-16 - 2024-05-16   3 months   crt.sh

This page contains 4 frames:

Primary Page: https://webaaa.cc/ARyX5AJNKdFb/
Frame ID: 25BC7189A149F8323C097F390A294343
Requests: 9 HTTP requests in this frame

Frame: https://yzsbdh.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 850617C21DF8611D2BD3340BB9D2404A
Requests: 2 HTTP requests in this frame

Frame: https://webaaa.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 7CA497C04AD516119599590B532F3D2E
Requests: 1 HTTP requests in this frame

Frame: https://qzone.qq.com/404.html
Frame ID: C7D54A37A65F568DC85036025B0FD660
Requests: 1 HTTP requests in this frame


Detected technologies

jQuery (the request for jquery.min.js 3.6.0 from lf6-cdn-tos.bytecdntp.com matched the patterns below)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 67 %
IPv6: 80 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 1
Transfer: 48 kB
Size: 121 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yzsbdh.com/ Page URL
  2. https://webaaa.cc/ARyX5AJNKdFb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests. Note that the hop from https://yzsbdh.com/ to https://webaaa.cc/ARyX5AJNKdFb/ shown in the page URL history is not among them: the only HTTP 302 the scan recorded is for Cloudflare's challenge-platform script, and the primary request for webaaa.cc carries Referer https://yzsbdh.com/ with no redirect chain of its own, so the cross-domain move to the landing page was made client-side (JavaScript or meta refresh) rather than by an HTTP 3xx.

Request Chain 1
  • https://yzsbdh.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://yzsbdh.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

12 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type (each transaction below lists these in order, followed by its General, Request headers and Response headers details)
/
yzsbdh.com/
1 KB
1018 B
Document
General
Full URL
https://yzsbdh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d657 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ca7c15aeaa5700e0748baf70e9024f3605e63be9b4e0c5289e46a76cd44cb5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
865191e6ec2bf110-CDG
content-encoding
br
content-type
text/html
date
Sat, 16 Mar 2024 03:13:54 GMT
last-modified
Wed, 13 Mar 2024 12:03:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkG3f5if7r5J6tQWTtTR4wWiI8cSkZy6rSySBwKGwvX0xVzcDvL%2FaG5y5O25nbzW03lRFKcXHfuglocY%2FgwskKUzmYbgJIe5Hh5wGsdCmWGb7EAe3YbXnuaSIMBwI6WJV91gL4IFUEEt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
main.js
yzsbdh.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 8506
Redirect Chain
  • https://yzsbdh.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://yzsbdh.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB
Script
General
Full URL
https://yzsbdh.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Protocol
H2
Server
2606:4700:3030::ac43:d657 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7118b4112b9ac4460eefbbc33f4010ac5f9611f9ba6257e6a0f303482dfc31ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLz%2F3Cr%2Fy779Ikni2Q8r%2FRWaEgVY5eYAyLeWoWldfbyWxU566eVn0QsniwH9ZjZU7H8d4MF4T%2B7P%2BBf%2BF3EtIbqwZc%2FQph%2FgDV2llsKPsdHHijqv0rJl3Vi6mhoWrluaABuwuHebujEJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
865191e97d43f110-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 16 Mar 2024 03:13:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQvHY8aof0S0gNtDOBpfsuR5xgqGQm0oxgbkEBFATG%2F10Qkiqw3BaZVcgIFJwAswcljVw1BrhlFKJQnY7QhQiVknzQr3rgv81Vub%2FB7Fno4x5F%2BPZl17rSDASLZ7CPW%2FvhUizLBk7bpW"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
865191e93d2df110-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
865191e6ec2bf110
yzsbdh.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8506
0
626 B
XHR
General
Full URL
https://yzsbdh.com/cdn-cgi/challenge-platform/h/b/jsd/r/865191e6ec2bf110
Requested by
Host: yzsbdh.com
URL: https://yzsbdh.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d657 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Mar 2024 03:13:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rar8uGGfZpn6QVxwJqmOvwOl2d50OOD%2B7vZ5Z1GhKU1E69W8af2tXfkPZrLLzKzg2%2Fs19kWqIwBMyojNn9q%2BTw5QbV9WZbdDVAvCwWZicJK2R1WyesFGF3Vc%2BuqB6cubYXnQcqMXyBf2"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
865191ea5acaf0f4-CDG
alt-svc
h3=":443"; ma=86400
Primary Request /
webaaa.cc/ARyX5AJNKdFb/
9 KB
5 KB
Document
General
Full URL
https://webaaa.cc/ARyX5AJNKdFb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca5dc0fb97fcf77a8d51ba34e8d98a2d22b45b997ab72b22b2648dff0da4dd0

Request headers

Referer
https://yzsbdh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
865191eafb6bb8ae-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 03:13:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neIUnbInNBYxO%2BO6Nllns8e%2B0nj4mdGlaASnZO4VRGsoXGA1NggOlahpieZ2ORICLp81Qks5qSbRyh%2FKdQ7i%2FfESFhp1bEYPhY9vSTRwIueuSXNaKJy9oLQwKXnnlGrDWYKH5liUULc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by
Host: webaaa.cc
URL: https://webaaa.cc/ARyX5AJNKdFb/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2408:872f:20:a::f4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webaaa.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:01:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
age
2365929
x-link-via
syun15:443;hfmp63:443;
x-cache-status
HIT from KS-CLOUD-HF-MP-63-26, HIT from KS-CLOUD-SY-UN-15-19
server-timing
inner; dur=13
content-length
30947
last-modified
Sun, 24 Apr 2022 19:10:58 GMT
server
nginx
x-tt-logid
202304272029550B9363D6C7A2B1BBB2FB
etag
W/"6265a0c2-15d9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01b78409dcbda733a8d849bf40223be4f692ab4b16948191a8100de31ba4d27dd021478577157c346a6a7aaf8064fa4b2fef577a39061a98770332102355328a154d3aef306b928ce9fe5a2bc7946b89de2fc0dffbec07e564d6aace510bce29380106ac815d1c791447a8e0e1e199fe3f0157ebb0ba6bfb177bfc5ad79830a40b
x-response-cinfo
2001:1b60:2:240:3247::9
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
586a07f0e8f43c8b3056065c08b6d297
expires
Mon, 18 Mar 2024 18:01:49 GMT
p.js
webaaa.cc/js/
1 KB
940 B
Script
General
Full URL
https://webaaa.cc/js/p.js
Requested by
Host: webaaa.cc
URL: https://webaaa.cc/ARyX5AJNKdFb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76ff3c18ce630fdc5103843871cd2017d3a167b4bc763bb0ab7c411c11c4c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webaaa.cc/ARyX5AJNKdFb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 31 Dec 2023 05:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4235
etag
W/"6590fda7-501"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3T4P%2FuMjt1LzxVZMBi3LIVeCI8c5VGtp1HkkjV4y19wUNWJ9%2BdFM5oBgTKXSyS4JIQKi2too2ps62u2ZnqGCen2X%2FsEc42c4qqaeSXL2q62%2BbMBHv407Y1vD5mxCHBv9sdhyYVVSqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
865191ed1c96b8ae-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 16 Mar 2024 14:03:19 GMT
dytv.js
webaaa.cc/js/
1 KB
662 B
Script
General
Full URL
https://webaaa.cc/js/dytv.js
Requested by
Host: webaaa.cc
URL: https://webaaa.cc/ARyX5AJNKdFb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf72987974c73146b95f2213a472f3cd1784d738b0fd6f908c45dd7a0bfd4d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webaaa.cc/ARyX5AJNKdFb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 03:40:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4235
etag
W/"65d6c210-4d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zz7kbSsMouKl%2Fzy598RfBqkXp%2BCsqw3tSgARe8Mr7B8oRidb4TDsi%2BIBz60qAv5XyP39QQPQ0fHkToOahZyNfzG8%2BHBDU%2Bu1o41UP9dPZ5K%2BufrDAo0FER%2FKCWOkONMlWzZmO2WnSzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
865191ed1c97b8ae-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 16 Mar 2024 14:03:19 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f762c9777e8d6ac9adf7b3327d66f19ed7d9345339861fbd5c213628e931c9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: webaaa.cc
URL: https://webaaa.cc/ARyX5AJNKdFb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:13:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
37876
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8651920a6a041e55-FRA
content-length
4547
main.js
webaaa.cc/cdn-cgi/challenge-platform/scripts/jsd/ Frame 7CA4
0
0

404.html
qzone.qq.com/ Frame C7D5
0
0

4636516.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/4636516.php?4636516&@f16&@g1&@h1&@i1&@j1710558839446&@k0&@l1&@m404&@n0&@ohttps%3A%2F%2Fyzsbdh.com%2F&@q0&@r0&@s4&@ten-US&@u1600&@b1:-96521053&@b3:1710558839&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwebaaa.cc%2FARyX5AJNKdFb%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
94b5f87b2a6ce33a23884b1ca36c1379a7600605adc10f3f3fe4b1caa479937e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 03:13:59 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
cc_4.js
s10.histats.com/counters/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain           URL
webaaa.cc        https://webaaa.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
qzone.qq.com     https://qzone.qq.com/404.html
s10.histats.com  https://s10.histats.com/counters/cc_4.js

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path   Name          Value
.yzsbdh.com/  cf_clearance  RxNdHIeKfw7yiUaA4oDGt_oXUmK0UtLe7gPk2fu6g40-1710558834-1.0.1.1-CH4.Tqi1cPVP8BM_giagy2AwLqGzH66r4f0v07KziGiwbDlmyTmXqJStLM669hnZZ8ah0ubhWEUHwycol9D61w
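Two of the captured artefacts carry structured data worth decoding by hand: the histats beacon URL in the s4.histats.com transaction above, and the cf_clearance cookie. The following Python is an added example, not part of the urlscan record. The beacon URL and cookie value are copied from this page; the readings of the beacon fields (@o as the referrer the visitor arrived from, @v as the page that fired the beacon, @j and @b3 as Unix timestamps) and of the dash-delimited 10-digit field in cf_clearance as an issue timestamp are my interpretation of the values, not vendor documentation.

```python
"""Decode the histats beacon query string and the cf_clearance cookie
captured by the scan, and correlate their timestamps with the response
Date headers.

Added example, not part of the urlscan record. Field meanings for @o, @v,
@j, @b3 and the cf_clearance timestamp are my reading of the values.
"""
import re
from datetime import datetime, timedelta, timezone
from urllib.parse import unquote, urlsplit

BEACON_URL = ("https://s4.histats.com/stats/4636516.php?4636516&@f16&@g1&@h1&@i1"
              "&@j1710558839446&@k0&@l1&@m404&@n0&@ohttps%3A%2F%2Fyzsbdh.com%2F"
              "&@q0&@r0&@s4&@ten-US&@u1600&@b1:-96521053&@b3:1710558839"
              "&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwebaaa.cc%2FARyX5AJNKdFb%2F&@w")
CF_CLEARANCE = ("RxNdHIeKfw7yiUaA4oDGt_oXUmK0UtLe7gPk2fu6g40-1710558834-1.0.1.1-"
                "CH4.Tqi1cPVP8BM_giagy2AwLqGzH66r4f0v07KziGiwbDlmyTmXqJStLM669hnZZ8ah0ubhWEUHwycol9D61w")
# Date header of the first response in the scan (yzsbdh.com/)
FIRST_RESPONSE = datetime(2024, 3, 16, 3, 13, 54, tzinfo=timezone.utc)


def parse_beacon(url):
    """Split the histats query string into {key: value}.

    Tokens look like '@<letter><value>'; the '@b' family carries a numeric
    sub-key before a colon ('@b3:1710558839'). The leading bare token is the
    counter id. Values are percent-decoded so the embedded URLs read cleanly.
    """
    fields = {}
    for tok in urlsplit(url).query.split("&"):
        if not tok.startswith("@"):
            fields["counter_id"] = tok
            continue
        key, value = tok[1], tok[2:]
        if key == "b" and ":" in value:
            sub, value = value.split(":", 1)
            key = "b" + sub
        fields[key] = unquote(value)
    return fields


def beacon_time(fields):
    """@j reads as a millisecond Unix timestamp (assumption; it matches the Date header to the second)."""
    ms = int(fields["j"])
    return datetime.fromtimestamp(ms // 1000, tz=timezone.utc) + timedelta(milliseconds=ms % 1000)


def cf_clearance_time(value):
    """Pull the dash-delimited 10-digit field out of cf_clearance and read it as a Unix timestamp (assumption)."""
    m = re.search(r"-(\d{10})-", value)
    if not m:
        raise ValueError("no timestamp-looking field in cf_clearance value")
    return datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc)


def correlate():
    """Line up the cookie issue time, the beacon time and the first response Date header."""
    fields = parse_beacon(BEACON_URL)
    t_beacon = beacon_time(fields)
    t_cookie = cf_clearance_time(CF_CLEARANCE)
    return {
        "referrer_reported_to_histats": fields["o"],  # site the visitor arrived from
        "page_reported_to_histats": fields["v"],      # page that fired the beacon
        "beacon_time": t_beacon.isoformat(),
        "cookie_time": t_cookie.isoformat(),
        "cookie_after_first_response_seconds": (t_cookie - FIRST_RESPONSE).total_seconds(),
        "cookie_to_beacon_seconds": (t_beacon - t_cookie).total_seconds(),
    }


if __name__ == "__main__":
    for k, v in correlate().items():
        print(f"{k}: {v}")
```

Run it and compare the printed times with the headers above: the cookie timestamp equals the first response's Date header (03:13:54 GMT) to the second, and the beacon fires about five seconds later, in the same second as the Date header on the histats response itself (03:13:59 GMT). The beacon also reports https://yzsbdh.com/ as the referrer and https://webaaa.cc/ARyX5AJNKdFb/ as the page, which is the same submitted-to-effective hop the page URL history records.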