ccp.netcup.net
Open in
urlscan Pro
46.38.224.29
Malicious Activity!
Public Scan
Submission: On November 01 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on October 10th 2023. Valid for: a year.
This is the only time ccp.netcup.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: netcup (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 46.38.224.29 46.38.224.29 | 197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH) | |
12 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
netcup.net
ccp.netcup.net |
249 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
12 | ccp.netcup.net |
ccp.netcup.net
|
12 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.netcup.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netcup.net RapidSSL TLS RSA CA G1 |
2023-10-10 - 2024-10-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ccp.netcup.net/
Frame ID: 1466272EA4F6A67B3667323060E5CC88
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
netcup ccpDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Impressum
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ccp.netcup.net/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.1.min.js
ccp.netcup.net/klassen/ |
88 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.js
ccp.netcup.net/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
ccp.netcup.net/klassen/bootstrap/dist/js/ |
59 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datepicker.min.js
ccp.netcup.net/klassen/datepicker/ |
46 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
ccp.netcup.net/klassen/bootstrap/dist/css/ |
157 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.min.css
ccp.netcup.net/klassen/fontawesome/css/ |
52 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datepicker.min.css
ccp.netcup.net/klassen/datepicker/ |
33 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
netcupccp.css
ccp.netcup.net/css/ |
69 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
de.gif
ccp.netcup.net/images/flags/ |
295 B 688 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gb.gif
ccp.netcup.net/images/flags/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-solid-900.woff2
ccp.netcup.net/klassen/fontawesome/webfonts/ |
77 KB 78 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: netcup (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| getNoCsrfToken function| toggleReportTranslation function| reportTranslationLink function| jumpWebsite function| loadDataProcessingAgreementModal function| dataProcessingAgreementDecision function| doSSOAuthentication function| loadingshow function| loadinghide function| initDatePicker function| showTab function| reArrangeElements object| bootstrap2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ccp.netcup.net/ | Name: CCP-Frontend Value: xhqmHMI2IidsmcF5UKaN3ZttaET7ebKKXk6rsa/DsRmPm8TOyGIcsET3w4d+n17gyqjjWib6VhHYci46C86rsqP2QY3rJA== |
|
ccp.netcup.net/ | Name: cookiesession1 Value: 678A3E12F8E0299F571310331AF089C6 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self'; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ccp.netcup.net
46.38.224.29
18251a2e1486a0256dd2925f20a42886202e4eefe5635378377cfd02d1018416
2ef427c209486347560c4afab354d8e1ec8c083c6e62e2606822860dd569696c
37a7ad5d14285c48cb28d485dc7851b975224b4780b57810e245a592e194278f
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
722cb239a6eb0f2103af2d438ecaf8dd329bef2a90fd9443aba18e1489a761e5
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae88ec3c15164ecc3256f4141f484be82829f32de416743985ce48dc1260b264
d6949a915d81a822b6af88d787cc2c77c27021cc5d3426e381c3b98585aa19b6
f1bec6d12b07b60c7f8210d6700adb0ffc1ceeccbf5c06017dee9d81fb5b3e9c
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903