![](/screenshots/f346cea5-5960-422a-94ed-bb88a0cbf8ba.png)
blackcloud-demo.info
104.21.6.68
Malicious Activity!
Public Scan
Effective URL: http://blackcloud-demo.info/login.php
Submission Tags: @ecarlesi #phishing #bbva #namesilo
Submission: On December 17 via api from FI — Scanned from FI
Summary
This is the only time blackcloud-demo.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
17 | 104.21.6.68 | 13335 (CLOUDFLARENET) |
17 | 2 |
 | Apex Domain Subdomains | Transfer |
---|---|---|
17 | blackcloud-demo.info | 571 KB |
17 | 1 |
 | Domain | Requested by |
---|---|---|
17 | blackcloud-demo.info | blackcloud-demo.info |
17 | 1 |
This site contains links to these domains.
Domain |
---|
www.bbva.es |
This page contains 1 frame:
Primary Page:
http://blackcloud-demo.info/login.php
Frame ID: C720F344C6B61D61238A30DB95DE596F
Requests: 18 HTTP requests in this frame
Page Title
ВВVА
Detected technologies
Detected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: ¿Has olvidado tu clave de acceso?
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://blackcloud-demo.info/ Page URL
- http://blackcloud-demo.info/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | blackcloud-demo.info/ | 9 KB | 3 KB | Document | text/html |
GET | H/1.1 | buzz.css | blackcloud-demo.info/assets/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | vendor.css | blackcloud-demo.info/assets/ | 530 B | 999 B | Stylesheet | text/css |
GET | H/1.1 | app.min.css | blackcloud-demo.info/assets/ | 831 KB | 134 KB | Stylesheet | text/css |
GET | H/1.1 | loading.svg | blackcloud-demo.info/assets/svg/ | 619 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | bg-menu.svg | blackcloud-demo.info/assets/svg/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | BentonSans-Book.woff | blackcloud-demo.info/assets/fonts/ | 69 KB | 69 KB | Font | font/woff |
GET | H/1.1 | login.php (Primary Request) | blackcloud-demo.info/ | 36 KB | 8 KB | Document | text/html |
GET | H/1.1 | buzz.css | blackcloud-demo.info/assets/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | vendor.css | blackcloud-demo.info/assets/ | 530 B | 1000 B | Stylesheet | text/css |
GET | H/1.1 | app.min.css | blackcloud-demo.info/assets/ | 831 KB | 134 KB | Stylesheet | text/css |
GET | H/1.1 | login.js | blackcloud-demo.info/assets/js/ | 543 B | 1 KB | Script | application/javascript |
GET | H/1.1 | logo-white.svg | blackcloud-demo.info/assets/svg/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | H/1.1 | bg-menu.svg | blackcloud-demo.info/assets/svg/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | BentonSans-Book.woff | blackcloud-demo.info/assets/fonts/ | 69 KB | 69 KB | Font | font/woff |
GET | H/1.1 | icon-maiden.woff | blackcloud-demo.info/assets/fonts/ | 69 KB | 70 KB | Font | font/woff |
GET | H/1.1 | BentonSans-Medium.woff | blackcloud-demo.info/assets/fonts/ | 71 KB | 72 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BBVA (Financial)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | oncontentvisibilityautostatechange
- function | clearInput
- function | revealPassword
- function | openHelp
- function | openRegister
- function | goBack
- object | modal

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
blackcloud-demo.info/ | | Name: PHPSESSID Value: oa9fg48vdh3qlk4jculs01s58d |
.blackcloud-demo.info/ | | Name: webid Value: lybdzu880crtjvqxz02i |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.