blackcloud-demo.info Open in urlscan Pro
104.21.6.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blackcloud-demo.info/
Effective URL:
http://blackcloud-demo.info/login.php
Submission Tags: @ecarlesi #phishing #bbva #namesilo Search All
Submission: On December 17 via api (December 17th 2022, 2:14:03 am UTC) from FI — Scanned from FI

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 104.21.6.68, located in and belongs to CLOUDFLARENET, US. The main domain is blackcloud-demo.info.

This is the only time blackcloud-demo.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BBVA (Financial)

Domain & IP information

	IP Address		AS Autonomous System
17	104.21.6.68 104.21.6.68		13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

17 104.21.6.68 (None, )

ASN13335 (CLOUDFLARENET, US)

blackcloud-demo.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	blackcloud-demo.info blackcloud-demo.info	571 KB
17	1

	Domain	Requested by
17	blackcloud-demo.info	blackcloud-demo.info
17	1

This site contains links to these domains. Also see Links.

Domain
www.bbva.es

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://blackcloud-demo.info/login.php
Frame ID: C720F344C6B61D61238A30DB95DE596F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ВВVА

Page URL History Show full URLs

http://blackcloud-demo.info/ Page URL
http://blackcloud-demo.info/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

571 kB
Transfer

1996 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bbva.es/finanzas-vistazo/ciberseguridad/ultima-hora/resolvemos-tus-dudas-sobre-contrasenas.html
Title: ¿Has olvidado tu clave de acceso?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blackcloud-demo.info/ Page URL
http://blackcloud-demo.info/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response blackcloud-demo.info/	9 KB 3 KB	5753ms 5356ms	Document text/html	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/ Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b696d263c281a32a8bd538866fc69c3797b67fe9992f6b862a936d899423e6e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 77ac2465291a2307-KBP Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 17 Dec 2022 02:13:59 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPTvzX%2BhBMgQXQaniBl1UqYNJZqjQkF79MWIOzHSfWdH%2FQTW4MSYiP0Kr5TYGQbSH55zmcwmc%2FSW5R%2FWzzIgG8DLTTZPHE2ROZQmP5MIA4gMrRBTkxEiq3%2BJesmVGqKSzPTuc1utlw%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 refresh 0.65 ./login.php
GET H/1.1	200 OK	buzz.css blackcloud-demo.info/assets/	1 KB 1 KB	171ms 170ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/buzz.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/ Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe73f5972955b5c4e807d226ec4294ea066345bb6b05e8ae347bddef82a5fb86` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:13:59 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"61a4f2a2-42e" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPykP0iTAKiZMMy25chttKMAjwEjBdU2CX2jZO%2FcjJlMpcZJ4M3630QB88NhvG%2BGzuuXdru4vWMGwKGIUIS7EbOgCyr1d3wQkmKAdzq1ORBMGWnyTDRNwvW61MnwBV5ud9LfmyQ19w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2486ab872307-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	vendor.css blackcloud-demo.info/assets/	530 B 999 B	191ms 191ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/vendor.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/ Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a17f7841603053d5488785585ccb392f97b9c6c8474d75a099e23329cac2e2f` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:13:59 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Wed, 14 Dec 2022 00:49:06 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"63991d82-212" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCvWGXet6u24V%2BfQfZlY1Gkxv5cu%2F%2BBTkBAgWYEw10sosnwcGqPo2EGfZsROIUNwXCbX%2BfgVLkeFD0WH50Xk7W5pHASP08N%2FUqpazcK8iM9A%2BK4ffrSZ9u5kB5dEpl0DtJkmlBeVeQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2486bdd377aa-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	app.min.css blackcloud-demo.info/assets/	831 KB 134 KB	428ms 257ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/app.min.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/ Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1e0c6e82fa7314adce54d975364b8f05b3e0c604fbf61d7a0ba7ef8b4e856752` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:13:59 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Thu, 15 Dec 2022 02:04:16 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"639a80a0-cfd53" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ3RA%2FkAQZAg0jit0ZX%2B6ZyLW8EATF4%2B1sWRuEkJ2GXRLMkSniVQcwewVqlfi9Nft7wYTM%2FFSrzrxmUKHFE36yckKKycr4n88mXv2isTFyerCQnc7ilkYEIS%2Ft%2B3A0fPZJXfP%2FULWA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2487cc222307-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	loading.svg blackcloud-demo.info/assets/svg/	619 B 1 KB	339ms 168ms	Image image/svg+xml	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://blackcloud-demo.info/assets/svg/loading.svg Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/ Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ceef89820923211a95741f1364a41fec88793822c903b700b5422f7f33b653df` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:13:59 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:54 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"61a4f2a6-26b" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txkN6QQHwPftW6G1cgGKi98xjPiCD2ghzmyUdCORqUFdfNQLGfZN%2FjVeQmyZysWV2%2FHoMhsiT6HqfdedXGk6Bsx89a0XxOmdJsLjoko%2FGrdWWXiuGkSV5XGKJKdP%2B%2F%2FHd8sOmb3V8Q%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2487ef1f77aa-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	bg-menu.svg blackcloud-demo.info/assets/svg/	2 KB 1 KB	201ms 201ms	Image image/svg+xml	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://blackcloud-demo.info/assets/svg/bg-menu.svg Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58dbd83754a9ea4a16125d33c9253c08fad32f2a6b192b2de27204e643b82e7b` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/assets/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:00 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:54 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"61a4f2a6-748" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBWBNN2EgTw31Dp9QYtspUueMQVJ3mJHCcDuTpFF%2BxC7qPDsDyMg%2BgXUz1CNE93S%2FQ6CJ%2BjNpZpaQmxk1nBChz2vCgzxYyTSHHUffdC%2BbMnZi30YGNLfrKqY38cdj7Zrefp2i5x6Yw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac248a7dba2307-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	BentonSans-Book.woff blackcloud-demo.info/assets/fonts/	69 KB 69 KB	271ms 271ms	Font font/woff	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/fonts/BentonSans-Book.woff Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `faef4c0bda0c3c95f57f42c990d7623eedb0d7f8174a6640ff4114f1091217ec` Request headers Referer http://blackcloud-demo.info/assets/app.min.css Origin http://blackcloud-demo.info accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:00 GMT CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:52 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "61a4f2a4-1130c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYa8ivavGKs1FJ%2Bs5jwBbEVp9A1leprwlOUwvwT8ejV3Iqq%2FjlRegAK0ITiF2zwXFAEyzFuJaZ0ngNaiO4afHiFfwrAuyRLs4GG491ratUfz3QB2Y7wvI0wv11iWmTwuUUZLefbKXA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type font/woff Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 77ac248a796b77aa-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 70412
GET H/1.1	200 OK	Primary Request login.php Show response blackcloud-demo.info/	36 KB 8 KB	834ms 834ms	Document text/html	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4418330e50f38db8d43ae331490ea37c23549bb04a5236c199eca318eafed7d2` Request headers Referer http://blackcloud-demo.info/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 77ac248e8cef77aa-KBP Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 17 Dec 2022 02:14:01 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEwRfvt8K8%2BJ9JpTFNd5hcybhGmMPVSy%2BQsXWh1fO%2B8ncBi23Gp%2BvrZHKI2xf1tDxpVw%2FzhH%2F5ixRzxmMuqAUkothh6s8Q4dsqZUHhbP%2FqrzpwddwwzwKRfaA1VDW4edFpPpasyEdA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	buzz.css blackcloud-demo.info/assets/	1 KB 1 KB	62ms 62ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/buzz.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe73f5972955b5c4e807d226ec4294ea066345bb6b05e8ae347bddef82a5fb86` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Mon, 29 Nov 2021 15:32:50 GMT Server cloudflare ETag W/"61a4f2a2-42e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngbvlM%2FDx0wCgAXDLyG0WZd%2BvXizJnNSHpwEFw3l0QuJHZ8YLs8ZV2bvQMZsOkkZQOEVocYmQymyJ8XXvGSFXPRUV6H6DfRpBIQaKP6g%2FBLAJjZoAl1C%2BzMYdKuWoH%2BcPX4djNRdzg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 CF-RAY 77ac2493c9a877aa-KBP
GET H/1.1	200 OK	vendor.css blackcloud-demo.info/assets/	530 B 1000 B	63ms 62ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/vendor.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a17f7841603053d5488785585ccb392f97b9c6c8474d75a099e23329cac2e2f` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Wed, 14 Dec 2022 00:49:06 GMT Server cloudflare ETag W/"63991d82-212" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI77zqcLA3jdHLptRIFZmZn%2BjFMjh3Qy2y45GRCExSvSixjG5Okfw9bi7iD6gXOq3su4nMopz2Pv5S%2F8l3fZo3xMMmS5h0cFrejOoe%2BqAtRFswCExY4wjtjuF9FuhbgW4GBhS52Mnw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 CF-RAY 77ac2493ca6f2307-KBP
GET H/1.1	200 OK	app.min.css blackcloud-demo.info/assets/	831 KB 134 KB	68ms 67ms	Stylesheet text/css	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/app.min.css Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1e0c6e82fa7314adce54d975364b8f05b3e0c604fbf61d7a0ba7ef8b4e856752` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 15 Dec 2022 02:04:16 GMT Server cloudflare ETag W/"639a80a0-cfd53" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGXjnsVM4U9xp13ozDNQqFAzC1A5rnm80RglvQGFfBky3xYYCV73PZ8XOS1nG%2FwMDtx8cshvUpvW2II7RmxHOuZrYcGAGBb8xPZJV7ru775JAoZS6iBDIyPu640vhF51VHLagPS8lw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 CF-RAY 77ac2493cb342479-KBP
GET H/1.1	200 OK	login.js Show response blackcloud-demo.info/assets/js/	543 B 1 KB	211ms 211ms	Script application/javascript	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/js/login.js Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a8b870be14cbad899422b109dfa8bbad761687d9ddedeb2cf2ee8a0f3788bb1a` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Tue, 13 Dec 2022 23:49:16 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"63990f7c-21f" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47v%2BduDkHHSG1K50ebl6Hat2ALxVovMMXKu6AI0fvRoFhGR9CJsHRXQAjDl3QKHm94RiWLEzMITZXeLGw%2BlIaVUQAAx4iQlyVgyrQxJ4URhb0KqfzfNDtN%2FyTOk0%2B0aaRZTgzeaJ9g%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2493cbb624c1-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	logo-white.svg blackcloud-demo.info/assets/svg/	1 KB 1 KB	166ms 166ms	Image image/svg+xml	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://blackcloud-demo.info/assets/svg/logo-white.svg Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/login.php Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ccd059096906debafa2c546cae814bf409f1ff0a24048414a3a8c919ebd729b2` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:54 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"61a4f2a6-5d3" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uonfn8ISO7eaTWr%2FWc1UVCfd4bPnE5TsUMBflW3DI02CHAsqH4ShO23b0E6FU04S2XCrAMLPHPe%2Fb96mCiLMF4MwvWyhvYmsyGFGQBsOh1K05VB%2BPKe%2FFKXNcl9HQFurOyqsoZhDew%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 77ac2494fbdc2479-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `32b5be70164acc09cb52ed04d8e5b86b3461bb03037ce96176e5cd1030e6bee9` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	bg-menu.svg blackcloud-demo.info/assets/svg/	2 KB 1 KB	62ms 62ms	Image image/svg+xml	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://blackcloud-demo.info/assets/svg/bg-menu.svg Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58dbd83754a9ea4a16125d33c9253c08fad32f2a6b192b2de27204e643b82e7b` Request headers accept-language fi-FI,fi;q=0.9 Referer http://blackcloud-demo.info/assets/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Mon, 29 Nov 2021 15:32:54 GMT Server cloudflare ETag W/"61a4f2a6-748" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZ31v6PRuy4ZF%2BYZdl9QP7Gk9XOws%2FSQPfxI1vjQHCFe6tbWrGN44%2B2QsAe7JSCY9XT8x9iPD9jVMO6n1MVqBGh3BzjwMp%2ByNi8lRYBhHg6DoBsAQ4YaKsIEJIhLCYPatyzGRS7X6A%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=14400 CF-RAY 77ac24954c9724c1-KBP
GET H/1.1	200 OK	BentonSans-Book.woff blackcloud-demo.info/assets/fonts/	69 KB 69 KB	65ms 64ms	Font font/woff	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/fonts/BentonSans-Book.woff Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `faef4c0bda0c3c95f57f42c990d7623eedb0d7f8174a6640ff4114f1091217ec` Request headers Referer http://blackcloud-demo.info/assets/app.min.css Origin http://blackcloud-demo.info accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:01 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 70412 Last-Modified Mon, 29 Nov 2021 15:32:52 GMT Server cloudflare ETag "61a4f2a4-1130c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9QZcnIZT4bGHIJ2Nu6U1vfR0W3Q1kOyurQPDwCKC5SWzrFyAFrBw5zvcJ623TjK75VOF87k0oQOkpGVhP5dgpsH3hWT%2FPpEEjhNrW1lUvb1m6qo%2FX4WA0fRknelGBRjLorkBMoxKQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type font/woff Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 77ac24954b3a2307-KBP
GET H/1.1	200 OK	icon-maiden.woff blackcloud-demo.info/assets/fonts/	69 KB 70 KB	279ms 279ms	Font font/woff	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/fonts/icon-maiden.woff Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e39f5ca2526796aee9e3eb32edd4559b229e9b405380443cb00d14ddeab1c5de` Request headers Referer http://blackcloud-demo.info/assets/app.min.css Origin http://blackcloud-demo.info accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:02 GMT CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:52 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "61a4f2a4-114e0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ8rTUz8pncl6eWbgNVQiIiJuLMV1GOGUubJF9jTxO1cDZZ%2FWO%2B%2Bys1zLlDWiZveXOSxPdIJe7idHl%2BXobqwUi1N8aUmR1GNwvxzVAJfskLN2lG0lKV2Hom%2BmrENj0nPW4qIqequBA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type font/woff Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 77ac24954ae477aa-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 70880
GET H/1.1	200 OK	BentonSans-Medium.woff blackcloud-demo.info/assets/fonts/	71 KB 72 KB	328ms 267ms	Font font/woff	104.21.6.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blackcloud-demo.info/assets/fonts/BentonSans-Medium.woff Requested by Host: blackcloud-demo.info URL: http://blackcloud-demo.info/assets/app.min.css Protocol HTTP/1.1 Server 104.21.6.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7af3360fe39c201b1ccbe7a726a5d3c2f0253add6616b71176f0d9e7c849a732` Request headers Referer http://blackcloud-demo.info/assets/app.min.css Origin http://blackcloud-demo.info accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 17 Dec 2022 02:14:02 GMT CF-Cache-Status MISS Last-Modified Mon, 29 Nov 2021 15:32:52 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "61a4f2a4-11bec" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIp%2BfWOupuiohyFIT%2BmAfNzDQAgrJzrOoIP8MU6GFzObl1s73RwzyVS%2FcPB8WLalz%2BlTnNg6YuLQg0CXwtxk2F%2Bmcx81UKa1uIyBP5MNNJtUg99cO2nwCPtgor9K%2BJWT%2BYgQ9f2k%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type font/woff Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 77ac2495acd924c1-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 72684

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BBVA (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			blackcloud-demo.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: oa9fg48vdh3qlk4jculs01s58d
			.blackcloud-demo.info/	1970-01-20 12:33:15	Name: webid Value: lybdzu880crtjvqxz02i

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blackcloud-demo.info
104.21.6.68
1e0c6e82fa7314adce54d975364b8f05b3e0c604fbf61d7a0ba7ef8b4e856752
32b5be70164acc09cb52ed04d8e5b86b3461bb03037ce96176e5cd1030e6bee9
3b696d263c281a32a8bd538866fc69c3797b67fe9992f6b862a936d899423e6e
4418330e50f38db8d43ae331490ea37c23549bb04a5236c199eca318eafed7d2
58dbd83754a9ea4a16125d33c9253c08fad32f2a6b192b2de27204e643b82e7b
5a17f7841603053d5488785585ccb392f97b9c6c8474d75a099e23329cac2e2f
7af3360fe39c201b1ccbe7a726a5d3c2f0253add6616b71176f0d9e7c849a732
a8b870be14cbad899422b109dfa8bbad761687d9ddedeb2cf2ee8a0f3788bb1a
ccd059096906debafa2c546cae814bf409f1ff0a24048414a3a8c919ebd729b2
ceef89820923211a95741f1364a41fec88793822c903b700b5422f7f33b653df
e39f5ca2526796aee9e3eb32edd4559b229e9b405380443cb00d14ddeab1c5de
faef4c0bda0c3c95f57f42c990d7623eedb0d7f8174a6640ff4114f1091217ec
fe73f5972955b5c4e807d226ec4294ea066345bb6b05e8ae347bddef82a5fb86

blackcloud-demo.info Open in urlscan Pro 104.21.6.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

571 kBTransfer

1996 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

2 Cookies

Indicators

blackcloud-demo.info Open in urlscan Pro
104.21.6.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

571 kB
Transfer

1996 kB
Size

2
Cookies

17 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!