cccs-swmo.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3033::ac43:cc2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is cccs-swmo.com.

This is the only time cccs-swmo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address		AS Autonomous System
7	2606:4700:303... 2606:4700:3033::ac43:cc2a		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	1

7 2606:4700:3033::ac43:cc2a (United States)

ASN13335 (CLOUDFLARENET, US)

cccs-swmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cccs-swmo.com cccs-swmo.com	188 KB
7	1

	Domain	Requested by
7	cccs-swmo.com	cccs-swmo.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G
Frame ID: 7F97E78BBD781330F3D16EB70C964C0E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

188 kB
Transfer

630 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Login Show response cccs-swmo.com/	22 KB 6 KB	352ms 168ms	Document text/html	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3279c0cee93b3a72b0ce3719fac074d8cb06db0b2d74a07ac0e3a833f4691410` Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers CF-Cache-Status DYNAMIC CF-RAY 6f651b322aff9bd0-FRA Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 03 Apr 2022 22:05:32 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irZbuhxRgz6g8wU6psZvn7gDMZbOwDoBSNsjjSVPwIHwRWt3PSOmWVNwYvZmjFGx1KQ2JUnNd4cQGv87zZtf%2FDVf09Rgk54KN%2BZ7sTF1HVKCNRC7c3rWcF83%2Bioz%2FBnO5CqXL7dd2Anp9qMy"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	te04d7b5db39480.css cccs-swmo.com/sa_assetz/css/	275 KB 45 KB	198ms 197ms	Stylesheet text/css	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cccs-swmo.com/sa_assetz/css/te04d7b5db39480.css Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bea4b083f831a12b15195da570e1e1d27148c38fc25a73ea290e9abc57cf4494` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 44890 Last-Modified Sun, 27 Mar 2022 19:24:36 GMT Server cloudflare ETag "44bd4-5db38257a8d9e-gzip" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a4V2ukNaUWFcfEC3jbhfTNIVDkb8DfaM7Xn4p6pJPOrv15BjhDbLbdIWqAyrO4owVT34H6Jd0IjebSnXBcPScgcwDF3QSFFAyfJcLxGj%2FZqAD4BSyJ2rW29ZfNntFXx4O0pufaFMdKgVEMR"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6f651b335d2e9bd0-FRA
GET H/1.1	200 OK	jquery.js Show response cccs-swmo.com/sa_assetz/js/	266 KB 78 KB	174ms 167ms	Script application/javascript	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cccs-swmo.com/sa_assetz/js/jquery.js Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Sun, 27 Mar 2022 19:24:46 GMT Server cloudflare NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} ETag "42719-5db382610e0f3-gzip" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shiHUe%2F1K5ZUdZffXeJYhiLL5K4txsh%2BzRiCIshv4UctQEXM8razd1pe5oeJTJqlh%2BfAXGRuJcGESQzOYSSKfH2LJq3ExN1JQ%2BePWB5Kh%2F9E%2B7YWXDuFMk7RN13YEOi84QXiVbTU73aq00Hm"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6f651b336d5f69a3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	tb1bf8dbe4aebc9.svg cccs-swmo.com/sa_assetz/img/	16 KB 6 KB	145ms 145ms	Image image/svg+xml	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://cccs-swmo.com/sa_assetz/img/tb1bf8dbe4aebc9.svg Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Sun, 27 Mar 2022 19:24:45 GMT Server cloudflare ETag W/"401a-5db3825fa99fb" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stq53DzTa0%2BAf7yTSNIaMJIxmpMVm2xvOyZfy4LSDhw%2BoyeINiCeeuY1QN%2FZRjrIe6DelHVkSSVD%2B4TgYCul72umx5dEdStJhtMtliLdR0LueWy08zVyjuWhO6z%2BtKpuz5%2FOf0oFoJqmoZLm"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6f651b349f009bd0-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	t9331c8585fc6c1.png cccs-swmo.com/sa_assetz/img/	7 KB 8 KB	100ms 99ms	Image image/png	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://cccs-swmo.com/sa_assetz/img/t9331c8585fc6c1.png Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT CF-Cache-Status MISS Last-Modified Sun, 27 Mar 2022 19:24:44 GMT Server cloudflare ETag "1b6e-5db3825ebf415" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OPINvLRJXdKFVze0xBTazK%2Fkvlwpf24FnN6HVaDqAAomQCA0zqgzDx3B9tq1IjimclCu4aH4fXw2uKB%2B8uKmUT%2FBC4lLrKlbQN1EygWBiSc2ehZWIH5NTWR331MGJgv3GEa8GmIGD2duEd9"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6f651b34bf3969a3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 7022
GET H/1.1	200 OK	tc353134156588a.png cccs-swmo.com/sa_assetz/img/	39 KB 40 KB	151ms 145ms	Image image/png	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://cccs-swmo.com/sa_assetz/img/tc353134156588a.png Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT CF-Cache-Status MISS Last-Modified Sun, 27 Mar 2022 19:24:46 GMT Server cloudflare ETag "9d92-5db38260ac67e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3curAkpI5l2KS1P7Ay%2BnpqZkEnmY52HeNfyWkATVC3XtUxLO4C8%2B6CmNL%2FpaKYb%2F6wgBFUR2OtEBZw8MuFUHzmVL4JRmRsvqHrfYM%2FMMddTBRQOOS163E3c%2BJzMfp%2BB2GDMK33DuNLmTnIwf"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6f651b34ee8d91d1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 40338
GET H/1.1	200 OK	tea134351ff9f1e.jpg cccs-swmo.com/sa_assetz/img/	6 KB 6 KB	111ms 105ms	Image image/jpeg	2606:4700:3033::ac43:cc2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://cccs-swmo.com/sa_assetz/img/tea134351ff9f1e.jpg Requested by Host: cccs-swmo.com URL: http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G Protocol HTTP/1.1 Server 2606:4700:3033::ac43:cc2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753` Request headers Accept-Language de-DE,de;q=0.9 Referer http://cccs-swmo.com/Login?sslchannel=true&sessionid=ictjdiHTsEQXkx8NQJLJ3r9SufsFIoUgR9lGkMt8clIi96oV7Dl66vRmkhbosB9haS7lpC7YFlo7fDdqjbseXhx2Ajk8fdTZ3zJd6B7hkRVTwcmzN3AsBFNh4vNVtk2e6G User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Sun, 03 Apr 2022 22:05:32 GMT CF-Cache-Status MISS Last-Modified Sun, 27 Mar 2022 19:24:47 GMT Server cloudflare ETag "1658-5db38261a9542" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YEuKAR42qyIlvd6mfnh1TDPjtwSedFPms6sZ6J%2B7c8foBsy3D5frCJ8LjRV6q34hF4F2ujGBzKrmOdt5zhHrExTPtC3TZ9RO4RvIMTRy2f5n5mxVUF3iXA7V7nd1q8Nl9zuibFt7g9A7UJg"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6f651b34edd59b55-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 5720

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cccs-swmo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: p5rfeavr7r94j7u18uh92p1clg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cccs-swmo.com
2606:4700:3033::ac43:cc2a
3279c0cee93b3a72b0ce3719fac074d8cb06db0b2d74a07ac0e3a833f4691410
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753
622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469
74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648
84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff
bea4b083f831a12b15195da570e1e1d27148c38fc25a73ea290e9abc57cf4494
d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288

cccs-swmo.com Open in urlscan Pro 2606:4700:3033::ac43:cc2a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

188 kBTransfer

630 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

1 Cookies

Indicators

cccs-swmo.com Open in urlscan Pro
2606:4700:3033::ac43:cc2a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

188 kB
Transfer

630 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!