URL: https://cf.bbaa.moe/
Submission Tags: @phishunt_io
Submission: On February 22 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3032::ac43:9769, located in the United States and belonging to CLOUDFLARENET, US. The main domain is cf.bbaa.moe.
TLS certificate: Issued by E1 on January 11th 2024. Valid for: 3 months.
This is the only time cf.bbaa.moe was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS / Autonomous System
6         2606:4700:303...   13335 (CLOUDFLAR...)
1         2a04:4e42::282     54113 (FASTLY)
1         2404:2280:1cc...   24429 (TAOBAO Zh...)
Total: 11 requests, 4 IPs
Requests  Apex Domain   Subdomains                                  Transfer
6         bbaa.moe      cf.bbaa.moe                                 344 KB
1         alicdn.com    g.alicdn.com — Cisco Umbrella Rank: 10629   8 KB
1         polyfill.io   polyfill.io — Cisco Umbrella Rank: 1667     615 B
Total: 11 requests, 3 apex domains
Requests  Domain         Requested by
6         cf.bbaa.moe    cf.bbaa.moe
1         g.alicdn.com   cf.bbaa.moe
1         polyfill.io    cf.bbaa.moe
Total: 11 requests, 3 domains

This site contains no links.

Subject       Issuer                                                Validity                  Valid      Link
bbaa.moe      E1                                                    2024-01-11 - 2024-04-10   3 months   crt.sh
polyfill.io   Certainly Intermediate R1                             2024-02-20 - 2024-03-21   a month    crt.sh
*.tbcdn.cn    GlobalSign Organization Validation CA - SHA256 - G3   2023-12-26 - 2024-07-30   7 months   crt.sh

This page contains 1 frame:

Primary Page: https://cf.bbaa.moe/
Frame ID: F15EF47DDC077BE626427A97256C68D8
Requests: 11 HTTP requests in this frame

Page Title

AList

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

Requests: 11
HTTPS: 73 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 352 kB
Size: 1191 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | cf.bbaa.moe/ | 4 KB | 2 KB | Document
General
Full URL: https://cf.bbaa.moe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0a7b1b09975c00f0a726570a2cef041853c43b5196a7e37ebb1d4e481b7a02cf

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85987d48caf6d0d9-AMS
content-encoding: br
content-type: text/html
date: Thu, 22 Feb 2024 16:08:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVzucsNSjejyncrEvogx0nZFncPdCmQTj459t%2B3pCyCTREdmn7gYy8wueG1sZkzU8nHe6b1SCcmkPgGtOb7Wwrhdu4n97UkceQ8%2BlQXRX1%2FdAwJzQpgqvHtkJtmaABg%2F5GzhAd4taJdJsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

polyfill.min.js | polyfill.io/v3/ | 104 B | 615 B | Script
General
Full URL: https://polyfill.io/v3/polyfill.min.js?features=String.prototype.replaceAll
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://cf.bbaa.moe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 16:08:44 GMT
age: 0
detected-user-agent: Chrome/122.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/122.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

aliyun-web-office-sdk.min.js | g.alicdn.com/IMM/office-js/1.1.5/ | 21 KB | 8 KB | Script
General
Full URL: https://g.alicdn.com/IMM/office-js/1.1.5/aliyun-web-office-sdk.min.js
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: 31782879cc9c7ed12ed91b3c3a1f34400f394c65d0de817c2e44ce494c507556

Request headers
accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 00:48:30 GMT
content-encoding: gzip
via: cache25.l2de2[0,0,200-0,H], cache4.l2de2[0,0], cache4.l2de2[1,0], ens-cache13.de5[0,0,200-0,H], ens-cache16.de5[1,0]
x-oss-request-id: 65D699DED5460934311DB510
content-md5: zaGbX/wtiK+udH76Nlnh0g==
age: 55215
x-swift-cachetime: 86385
x-cache: HIT TCP_MEM_HIT dirn:13:83087564
x-swift-savetime: Thu, 22 Feb 2024 00:48:45 GMT
content-length: 7234
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1708562910
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3510385766732050074
eagleid: a3b55ca417086181252804785e
x-oss-server-time: 8

index.75e31196.js | cf.bbaa.moe/assets/ | 1 MB | 325 KB | Script
General
Full URL: https://cf.bbaa.moe/assets/index.75e31196.js
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e1729abbea28c53d1bc09624e58453336b9e517e675bffd1ecb8c4242837554f

Request headers
Referer: https://cf.bbaa.moe/
Origin: https://cf.bbaa.moe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 16:08:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 16:08:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0OMn7Y1YqmSD7h4IbV3lBmapKNl6ihehiOohIh8nRVPulb694W%2FxSB5Qk9lMQ%2BW4xPhhb7RevG8egXqslXTTXswKu0giJaJkger3gQEQRsCUDecJE8GS0ZTj29uea9%2FywEvLEIB8bXwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15552000
cf-ray: 85987d515933d0d9-AMS
alt-svc: h3=":443"; ma=86400

index.15d8d646.css | cf.bbaa.moe/assets/ | 19 KB | 4 KB | Stylesheet
General
Full URL: https://cf.bbaa.moe/assets/index.15d8d646.css
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 15d8d6463c01fdcd2b3bab11c14eb5ad0e2d0f348f94d70bc161b2e9c76dd91c

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://cf.bbaa.moe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 16:08:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 16:08:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ8VCTQ3bg7NW3%2FJeczO59D0d4TX8LL0e4mfLDnDN4F8PZel3E5A6Xeboq0%2BW3GONlTHRL2bNigrtnd1TpvCRrrp0dQQE5OYg2%2FSFkourPBwzX8%2FBsGArL8MU6aXTiD7Y5ztCbea8HnL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=15552000
cf-ray: 85987d515932d0d9-AMS
alt-svc: h3=":443"; ma=86400

entry.046166f5.js | cf.bbaa.moe/assets/ | 32 KB | 11 KB | Script
General
Full URL: https://cf.bbaa.moe/assets/entry.046166f5.js
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/assets/index.75e31196.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 80c25a6a9ab06e342d7f81b14ddce12119c7a058dbbf854bff701f776635c1cc

Request headers
Referer: https://cf.bbaa.moe/assets/index.75e31196.js
Origin: https://cf.bbaa.moe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 16:08:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 16:08:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6nHgW%2Bl0gkQ8zZ%2BDnQM8H%2FJQOS%2BeQSNXUHzVIwK4oWZj0Xqnz0uyFc7sPUV4ZO9qZetE7LmLyDyf9Edzfxj8R%2Fx6p7BC0jYE6%2FIHQftK2fpES9q8Vci9ZeJyTMcjw2VtILwqvZUFoaKxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15552000
cf-ray: 85987d63dab41ff7-IAD
alt-svc: h3=":443"; ma=86400

settings | cf.bbaa.moe/api/public/ | 2 KB | 1 KB | XHR
General
Full URL: https://cf.bbaa.moe/api/public/settings
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/assets/index.75e31196.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 8617f31847d6d45900540fa21c1d5433418999305d4964e2ecfa58c7d6ad66e6

Request headers
Accept: application/json, text/plain, */*
Referer: https://cf.bbaa.moe/
accept-language: de-DE,de;q=0.9
Authorization:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 16:08:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeqDPEMjFNicYdespLUjYc78ymAkagZR6R1Y3Ng1skEmeLWWrWcntmB1XJHwTQiKCJ9yYn3Lli1918gJEKDVrazt5NO1IJ2pKC5TqFBWKhGHfoc930%2B3uwzHsPUYMUk7s8gbIBjjaMmTpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 85987d63eabf1ff7-IAD
alt-svc: h3=":443"; ma=86400

me | cf.bbaa.moe/api/ | 73 B | 495 B | XHR
General
Full URL: https://cf.bbaa.moe/api/me
Requested by: Host cf.bbaa.moe, URL https://cf.bbaa.moe/assets/index.75e31196.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 9ac1df64f3a61ca56d4384704c80aa707435ba54e52315978b5aefaf0b3ab75c

Request headers
Accept: application/json, text/plain, */*
Referer: https://cf.bbaa.moe/
accept-language: de-DE,de;q=0.9
Authorization:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
date: Thu, 22 Feb 2024 16:08:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjMgVt%2BQGDQLKeqcwTza3OViwVMGC6k%2BTOIL%2FGhKkLCAPDZWs2V6it8uZ26FDgyvbRAaDUYlfz3cilk9Nz4S6BGkqAb%2B8Iy5T%2B9mzgbTNJq3%2Fj243%2BhTS8N%2Bwm5eB1vLPGwV2xzS0S089g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 85987d6b1bdd1ff7-IAD
alt-svc: h3=":443"; ma=86400

index.8f8c260b.js | cf.bbaa.moe/assets/ | 0 | 0 | (no response)

index.b25986ba.js | cf.bbaa.moe/assets/ | 0 | 0 | (no response)

webauthn-json.browser-ponyfill.1c672167.js | cf.bbaa.moe/assets/ | 0 | 0 | (no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain        URL
cf.bbaa.moe   https://cf.bbaa.moe/assets/index.8f8c260b.js
cf.bbaa.moe   https://cf.bbaa.moe/assets/index.b25986ba.js
cf.bbaa.moe   https://cf.bbaa.moe/assets/webauthn-json.browser-ponyfill.1c672167.js

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object  | ALIST
string  | __dynamic_base__
boolean | __vite_is_modern_browser
object  | aliyun
object  | WPS

0 Cookies