ccl1.xyz Open in urlscan Pro
38.242.248.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://no2cyx3.jeffthornton.biz/5e
Effective URL:
http://ccl1.xyz/49nY
Submission: On May 17 via manual (May 17th 2022, 9:41:43 am UTC) from FR — Scanned from FR

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 38.242.248.53, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is ccl1.xyz.

This is the only time ccl1.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.110.55.152 194.110.55.152	48716 (PSKZ-ALA) (PSKZ-ALA)
2	38.242.248.53 38.242.248.53	51167 (CONTABO) (CONTABO)
2	1

1 194.110.55.152 (Kazakhstan) 1 redirects

ASN48716 (PSKZ-ALA, KZ)

no2cyx3.jeffthornton.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.242.248.53 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi839191.contaboserver.net

ccl1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ccl1.xyz ccl1.xyz	16 KB
1	jeffthornton.biz 1 redirects no2cyx3.jeffthornton.biz	221 B
2	2

	Domain	Requested by
2	ccl1.xyz	ccl1.xyz
1	no2cyx3.jeffthornton.biz	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://ccl1.xyz/49nY
Frame ID: CDD13C572149787C3C38F5780B289493
Requests: 1 HTTP requests in this frame

Frame: http://ccl1.xyz/go.php?ufgh=1
Frame ID: 800BECE457C37E9057F6148EADBE4577
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://no2cyx3.jeffthornton.biz/5e HTTP 302
http://ccl1.xyz/49nY Page URL

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

16 kB
Transfer

16 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://no2cyx3.jeffthornton.biz/5e HTTP 302
http://ccl1.xyz/49nY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 49nY Show response ccl1.xyz/ Redirect Chain http://no2cyx3.jeffthornton.biz/5e http://ccl1.xyz/49nY	8 KB 8 KB	555ms 272ms	Document text/html	38.242.248.53 CONTABO
General Check archive.org Show headers Download Go to Full URL http://ccl1.xyz/49nY Protocol HTTP/1.1 Server 38.242.248.53 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi839191.contaboserver.net Software nginx/1.20.2 / PHP/8.1.3 Resource Hash `722bf4f521175315cdc0aa37161f816b6fcf34a0f66554f6becff8bed497db7b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 17 May 2022 09:41:39 GMT Server nginx/1.20.2 Transfer-Encoding chunked X-Powered-By PHP/8.1.3 Redirect headers Connection keep-alive Content-Length 142 Content-Type text/html Date Tue, 17 May 2022 09:43:39 GMT Location http://ccl1.xyz/49nY Server nginx/1.20.2 X-Powered-By PHP/7.2.30
GET H/1.1	200 OK	go.php Show response ccl1.xyz/ Frame 800B	8 KB 8 KB	847ms 846ms	Document text/html	38.242.248.53 CONTABO
General Check archive.org Show headers Download Go to Full URL http://ccl1.xyz/go.php?ufgh=1 Requested by Host: ccl1.xyz URL: http://ccl1.xyz/49nY Protocol HTTP/1.1 Server 38.242.248.53 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi839191.contaboserver.net Software nginx/1.20.2 / PHP/8.1.3 Resource Hash `07b378b075efacba19f8c16aeb5c9f12836798285b654a26303acae7fbe759d1` Request headers Referer http://ccl1.xyz/49nY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 17 May 2022 09:41:40 GMT Server nginx/1.20.2 Transfer-Encoding chunked X-Powered-By PHP/8.1.3

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ccl1.xyz
no2cyx3.jeffthornton.biz
194.110.55.152
38.242.248.53
07b378b075efacba19f8c16aeb5c9f12836798285b654a26303acae7fbe759d1
722bf4f521175315cdc0aa37161f816b6fcf34a0f66554f6becff8bed497db7b

ccl1.xyz Open in urlscan Pro 38.242.248.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

16 kBTransfer

16 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

ccl1.xyz Open in urlscan Pro
38.242.248.53 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

16 kB
Transfer

16 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions