cksxss.xyz Open in urlscan Pro
2606:4700:3035::6815:2bba Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hanner-blobal.com/d8609f2d-02d4-4835-baba-ce7647bee8e9?siteid=819758&conversion=6397416545117876661
Effective URL:
https://cksxss.xyz/6/3/
Submission: On January 28 via manual (January 28th 2022, 4:37:04 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::6815:2bba, located in United States and belongs to CLOUDFLARENET, US. The main domain is cksxss.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2022. Valid for: a year.

This is the only time cksxss.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3035::6815:2bba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
8	3

1 18.195.123.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

hanner-blobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:2bba (United States)

ASN13335 (CLOUDFLARENET, US)

cksxss.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cksxss.xyz cksxss.xyz	105 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14234 s4.histats.com — Cisco Umbrella Rank: 12293	5 KB
1	hanner-blobal.com 1 redirects hanner-blobal.com — Cisco Umbrella Rank: 84658	568 B
8	3

	Domain	Requested by
6	cksxss.xyz	cksxss.xyz
1	s4.histats.com	s10.histats.com
1	s10.histats.com	cksxss.xyz
1	hanner-blobal.com	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-22` - `2023-01-21`	a year	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cksxss.xyz/6/3/
Frame ID: BB3BA403A2B33027EF0B9FA870E69C1F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Extension

Page URL History Show full URLs

https://hanner-blobal.com/d8609f2d-02d4-4835-baba-ce7647bee8e9?siteid=819758&conversion=63974165451178... HTTP 302
https://cksxss.xyz/6/3/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

110 kB
Transfer

336 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hanner-blobal.com/d8609f2d-02d4-4835-baba-ce7647bee8e9?siteid=819758&conversion=6397416545117876661 HTTP 302
https://cksxss.xyz/6/3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cksxss.xyz/6/3/ Redirect Chain https://hanner-blobal.com/d8609f2d-02d4-4835-baba-ce7647bee8e9?siteid=819758&conversion=6397416545117876661 https://cksxss.xyz/6/3/	38 KB 6 KB	677ms 621ms	Document text/html	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cksxss.xyz/6/3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `492104d49000b51d08e275a95febdc303ab89cffb07a7d4f2307cde33501d0f9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Fri, 28 Jan 2022 16:36:59 GMT content-type text/html last-modified Sun, 19 Dec 2021 16:22:18 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWLH6%2FxQHfCZ3ENMghKKGwL9LNVH2%2FYmdif2o8buqumTak4PDW2m2KU6be31PcBtDscwFE5AF81smw06NiCcKPDLHXPFYAJ4BQBJBg%2BNnr5gyfEOGPHswTyk7VxfVPdMdgn%2FS7hoGaiD"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d4ba48b0d726977-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers server nginx date Fri, 28 Jan 2022 16:36:58 GMT content-length 0 cache-control no-store, no-cache, pre-check=0, post-check=0 expires Thu, 01 Jan 1970 00:00:00 GMT location https://cksxss.xyz/6/3/ pragma no-cache
GET H2	200	main.css cksxss.xyz/6/3/	196 KB 9 KB	1273ms 1272ms	Stylesheet text/css	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cksxss.xyz/6/3/main.css Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8f21791839f9a66cefffc072297412575e052e77fb9bb6e89c85f2817d6594e3` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/6/3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:37:00 GMT content-encoding br cf-cache-status MISS last-modified Sun, 19 Dec 2021 11:53:06 GMT server cloudflare etag W/"61bf1d22-30fea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPVckBCp3IRLBVgnzFdwwScz1qPUPFYd%2FMRJnzjRbKNLrsid3SAz5N5rfVGnAP%2FpYhQe9%2B7A3K0ItSH2ZS4velLMsGYR2tbQ1rhVDjLVhYJxWwPAYt19nXfnKR%2B61NPMd8u1ila33RuN"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d4ba48f0eaf6977-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	504ffb97eb61c00af3f850292e37f02f.svg cksxss.xyz/6/3/	396 B 620 B	556ms 555ms	Image image/svg+xml	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cksxss.xyz/6/3/504ffb97eb61c00af3f850292e37f02f.svg Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `300ca825f7067862d9a823dc224b58e31fbd6c077cd992ee7b8e2f34c41ea967` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/6/3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:36:59 GMT content-encoding br cf-cache-status MISS last-modified Sun, 19 Dec 2021 09:30:50 GMT server cloudflare etag W/"61befbca-18c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYk5b5Zcb%2Frb0r4uv%2F3TGhtt0ogyP6qIbQwEfRbe47b5rCPehcuucY3r0V4mlWPIqmrIm9yNLkIRSx7NzaG9HyPU1n%2FcrjCUGh%2F1pyl4uDP6mAQzkIL%2BLddSsRq6U%2F7yl7ILjXUPjcsz"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d4ba48f0eb36977-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	d9617294399ea299ad20b90fc2d60bf4.webp cksxss.xyz/6/3/	71 KB 72 KB	1006ms 1006ms	Image image/webp	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cksxss.xyz/6/3/d9617294399ea299ad20b90fc2d60bf4.webp Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b0c3fae3646d140d4bde5454b4ec5097289fb9a81617c5fd93389cde24a595b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/6/3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:37:00 GMT cf-cache-status MISS last-modified Sun, 19 Dec 2021 10:12:54 GMT server cloudflare etag "61bf05a6-11ca8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrOkUnBabUjDuIrJ8q5bcb8WFo%2BpzL5mt82EdGg%2FBsoabpVmTZzrYcFIYEo44FRPpDfvzaC3mxYVSDG%2FkKP1kbwJcN%2FgS%2Bm6mBwLbMc5zgRXXQwuPwsQplr5KiMSKOKKq0ta35VHQexd"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d4ba48f0ee56977-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 72872
GET H3	200	up-arrow.png cksxss.xyz/6/3/	15 KB 16 KB	864ms 863ms	Image image/png	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cksxss.xyz/6/3/up-arrow.png Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `20ce67585c83c4d88bc322db62561a752bf2f344716066c28c62c87820f76f1e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/6/3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:37:00 GMT cf-cache-status MISS last-modified Fri, 25 Jun 2021 22:21:00 GMT server cloudflare etag "60d656cc-3d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOa3DjHBGnrTr3ZpDvFBgoeZnrJKwKt%2FZa45nGz6oiTcX2l7mGEzFgel12ejQ%2BHDtlbaw%2FvDrA6LwILVVeNLF%2FdlLMZX5FHiERAJsrOGU1kVxm6VckNeykpFep4MkKJmN%2Bus72F%2BB1xV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d4ba490be2a92b3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15720
GET H3	200	main.js Show response cksxss.xyz/6/3/	3 KB 2 KB	622ms 622ms	Script application/javascript	2606:4700:3035::6815:2bba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cksxss.xyz/6/3/main.js Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:2bba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `16ae0b7272d31269327165ce04b6ba2d460cff3039d551f4eee81cd50ed8b6e3` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/6/3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:37:00 GMT content-encoding br cf-cache-status MISS last-modified Thu, 27 Jan 2022 20:32:22 GMT server cloudflare etag W/"61f30156-d5e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbblGoK3qfVRN5aV0EVEAwj7qyz%2FkFqWUb%2FFST7tLv57%2FSvKy6fD0jpwyEsvqarvLqYfwKiIMYxOlzuWYVdP9Z%2B2tyk8y3Aryvk0bDqXfHvTWliuV4tBsJuHQRKMQ8WbAESMM%2BiNi4SJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d4ba490be2c92b3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	53ms 10ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: cksxss.xyz URL: https://cksxss.xyz/6/3/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash `2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:30:52 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.120.0/27 etag "-375139978" x-cacheable Matched cache content-type application/javascript; charset=UTF-8 x-cdn-pop sbg accept-ranges bytes content-length 4364 x-request-id 873005835
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	65 B 199 B	305ms 108ms	Script text/html	198.27.80.143 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3450293&@f16&@g1&@h1&@i1&@j1643387820729&@k0&@l1&@mExtension&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-50794837&@b3:1643387821&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcksxss.xyz%2F6%2F3%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.27.80.143 , Canada, ASN16276 (OVH, FR), Reverse DNS ns558056.ip-198-27-80.net Software / Resource Hash `c02c40a81777cb8bbd335ba7617bbab118a95b65f44c8792785374353469d4a9` Request headers Accept-Language de-DE,de;q=0.9 Referer https://cksxss.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 16:37:00 GMT Connection close Content-Length 65 Content-Type text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hanner-blobal.com/	1970-01-20 00:31:14	Name: d8609f2d-02d4-4835-baba-ce7647bee8e9-v4 Value: R_xXLyoXd-tgbdoNCBN1E3obcqeUg03FCIFpPU8KuPE
.hanner-blobal.com/	1970-01-20 09:15:23	Name: cc-v4 Value: mhgXdX%2BLzUeoHAgCIWxq%2Bl5J%2B1kUoty1IUMN58JzYKhk5F6K6gKSTA1sCyGCPT5QzNYcnYoAS5AG52C1ur70jJlv%2BcJmvwulG9w%2FzX0aFEs6AakCNY9ZZc7JiLk1wfP3%2FLS30T0ZQmF9pp9YPHWAlw%3D%3D
cksxss.xyz/	1970-01-20 09:15:23	Name: HstCfa3450293 Value: 1643387820729
cksxss.xyz/	1970-01-20 09:15:23	Name: HstCla3450293 Value: 1643387820729
cksxss.xyz/	1970-01-20 09:15:23	Name: HstCmu3450293 Value: 1643387820729
cksxss.xyz/	1970-01-20 09:15:23	Name: HstPn3450293 Value: 1
cksxss.xyz/	1970-01-20 09:15:23	Name: HstPt3450293 Value: 1
cksxss.xyz/	1970-01-20 09:15:23	Name: HstCnv3450293 Value: 1
cksxss.xyz/	1970-01-20 09:15:23	Name: HstCns3450293 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cksxss.xyz
hanner-blobal.com
s10.histats.com
s4.histats.com
18.195.123.247
198.27.80.143
2606:4700:3035::6815:2bba
46.105.201.240
0b0c3fae3646d140d4bde5454b4ec5097289fb9a81617c5fd93389cde24a595b
16ae0b7272d31269327165ce04b6ba2d460cff3039d551f4eee81cd50ed8b6e3
20ce67585c83c4d88bc322db62561a752bf2f344716066c28c62c87820f76f1e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
300ca825f7067862d9a823dc224b58e31fbd6c077cd992ee7b8e2f34c41ea967
492104d49000b51d08e275a95febdc303ab89cffb07a7d4f2307cde33501d0f9
8f21791839f9a66cefffc072297412575e052e77fb9bb6e89c85f2817d6594e3
c02c40a81777cb8bbd335ba7617bbab118a95b65f44c8792785374353469d4a9

cksxss.xyz Open in urlscan Pro 2606:4700:3035::6815:2bba Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

4 Countries

110 kBTransfer

336 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

9 Cookies

Indicators

cksxss.xyz Open in urlscan Pro
2606:4700:3035::6815:2bba Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

110 kB
Transfer

336 kB
Size

9
Cookies

8 HTTP transactions
0 data transactions