www.c-licks.cloud Open in urlscan Pro
89.46.110.28 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.c-licks.cloud/verify.php
Submission: On October 22 via automatic, source openphish (October 22nd 2020, 1:34:19 pm UTC)

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 89.46.110.28, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.c-licks.cloud.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on October 12th 2020. Valid for: a year.

This is the only time www.c-licks.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
19	89.46.110.28 89.46.110.28		31034 (ARUBA-ASN) (ARUBA-ASN)
19	1

19 89.46.110.28 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx1426.ad.aruba.it

www.c-licks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	c-licks.cloud www.c-licks.cloud	90 KB
19	1

	Domain	Requested by
19	www.c-licks.cloud	www.c-licks.cloud
19	1

This site contains links to these domains. Also see Links.

Domain
sas.redsys.es

Subject Issuer	Validity	Valid
*.c-licks.cloud Actalis Domain Validation Server CA G3	`2020-10-12` - `2021-10-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.c-licks.cloud/verify.php
Frame ID: 388B086DACDECFE4059545C28E99A93C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

90 kB
Transfer

333 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sas.redsys.es/sas/SerSvlFinanetDirecto#collapseOne
Title: Is your phone memory full?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request verify.php Show response www.c-licks.cloud/	8 KB 3 KB	375ms 293ms	Document text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `dc76c838aec2946605b566b70dd3dc6ad9e59db53294716209345220ef4ccab1` Request headers :method GET :authority www.c-licks.cloud :scheme https :path /verify.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server aruba-proxy date Thu, 22 Oct 2020 13:33:50 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-servername ipvsproxy213.ad.aruba.it content-encoding gzip
GET H2	404	css www.c-licks.cloud/BANKIA_files/	0 0	54ms 51ms	Stylesheet text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/css Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	200	bootstrap.min.css www.c-licks.cloud/BANKIA_files/	104 KB 17 KB	79ms 77ms	Stylesheet text/css	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/bootstrap.min.css Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `6a950e6aa443b361a757043df51bae13fac2fc941e94307394910651e9d597a6` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"19e00-5b2393eec709c" vary Accept-Encoding content-type text/css status 200
GET H2	200	bootstrap-responsive.css www.c-licks.cloud/BANKIA_files/	22 KB 4 KB	62ms 59ms	Stylesheet text/css	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/bootstrap-responsive.css Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `a947728607e040c73ca635ece961f811caa8ada5e0dfc10ec8c372c78e402de8` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"5619-5b2393eec5c97" vary Accept-Encoding content-type text/css status 200
GET H2	200	font-awesome.min.css www.c-licks.cloud/BANKIA_files/	30 KB 7 KB	79ms 77ms	Stylesheet text/css	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/font-awesome.min.css Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"7918-5b2393eeca6ef" vary Accept-Encoding content-type text/css status 200
GET H2	200	2038.css www.c-licks.cloud/BANKIA_files/	6 KB 2 KB	63ms 61ms	Stylesheet text/css	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/2038.css Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `d1419e23653f3c1fd91a76bf2db55b7ffe686362fa404ee06782f75f319b9381` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"1721-5b2393eec4944" vary Accept-Encoding content-type text/css status 200
GET H2	200	utils.js.download Show response www.c-licks.cloud/BANKIA_files/	5 KB 2 KB	88ms 87ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/utils.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `f69f52b82c421d744d855a02ddd3335462dc1b4f902197f4c3265bf170074182` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"13d4-5b2393eecc9ef" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	des.js.download Show response www.c-licks.cloud/BANKIA_files/	17 KB 4 KB	91ms 90ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/des.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `ddb907faa694120d117322026789c66de536348797d9072fdabce56141e5d2d7` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"444c-5b2393eec9b42" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	pwdbaseud.js.download Show response www.c-licks.cloud/BANKIA_files/	11 KB 3 KB	91ms 89ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/pwdbaseud.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `785722a9a2026d0ad30d7d3889c9c6d5fb78ea86d5432ad486e16706de28b915` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"2ce1-5b2393eecc219" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif www.c-licks.cloud/BANKIA_files/	5 KB 5 KB	50ms 49ms	Image image/gif	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.c-licks.cloud/BANKIA_files/cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag "12f4-5b2393eec87ac" content-type image/gif status 200 accept-ranges bytes content-length 4852
GET H2	200	jquery.min.js.download Show response www.c-licks.cloud/BANKIA_files/	94 KB 33 KB	55ms 55ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/jquery.min.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"1762a-5b2393eecba45" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	bootstrap.min.js.download Show response www.c-licks.cloud/BANKIA_files/	28 KB 8 KB	52ms 51ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/bootstrap.min.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `a515a82292b34bdde3447113634d5d496039ffd4d6a0c7382586f3c24e582645` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"6fd7-5b2393eec7c2e" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	custom_10.js.download Show response www.c-licks.cloud/BANKIA_files/	4 KB 2 KB	60ms 59ms	Script application/javascript	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/custom_10.js.download Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/verify.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash `69d93c7b3efd13ae4cb6d99fe3717ddf561756b76fd59d6edc236ad55539ec07` Request headers Referer https://www.c-licks.cloud/verify.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-servername ipvsproxy213.ad.aruba.it date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip last-modified Thu, 22 Oct 2020 02:30:22 GMT server aruba-proxy etag W/"f03-5b2393eec8faa" vary Accept-Encoding content-type application/javascript status 200
GET H2	404	tt0308m-webfont.woff www.c-licks.cloud/fonts/	0 0	69ms 69ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/fonts/tt0308m-webfont.woff Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	404	tt0308m-webfont.ttf www.c-licks.cloud/fonts/	0 0	48ms 48ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/fonts/tt0308m-webfont.ttf Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	404	sans-regular.ttf www.c-licks.cloud/BANKIA_files/fuentes/	0 0	53ms 51ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/fuentes/sans-regular.ttf Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	404	sans-semibold.ttf www.c-licks.cloud/BANKIA_files/fuentes/	0 0	52ms 51ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/fuentes/sans-semibold.ttf Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	404	bankia-regular.otf www.c-licks.cloud/BANKIA_files/fuentes/	0 0	46ms 45ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/fuentes/bankia-regular.otf Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	404	bankia-bold.otf www.c-licks.cloud/BANKIA_files/fuentes/	0 0	52ms 51ms	Font text/html	89.46.110.28 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://www.c-licks.cloud/BANKIA_files/fuentes/bankia-bold.otf Requested by Host: www.c-licks.cloud URL: https://www.c-licks.cloud/BANKIA_files/2038.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.46.110.28 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webx1426.ad.aruba.it Software aruba-proxy / Resource Hash Request headers Origin https://www.c-licks.cloud Referer https://www.c-licks.cloud/BANKIA_files/2038.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 22 Oct 2020 13:33:50 GMT content-encoding gzip server aruba-proxy vary Accept-Encoding content-type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.c-licks.cloud
89.46.110.28
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
69d93c7b3efd13ae4cb6d99fe3717ddf561756b76fd59d6edc236ad55539ec07
6a950e6aa443b361a757043df51bae13fac2fc941e94307394910651e9d597a6
785722a9a2026d0ad30d7d3889c9c6d5fb78ea86d5432ad486e16706de28b915
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
a515a82292b34bdde3447113634d5d496039ffd4d6a0c7382586f3c24e582645
a947728607e040c73ca635ece961f811caa8ada5e0dfc10ec8c372c78e402de8
d1419e23653f3c1fd91a76bf2db55b7ffe686362fa404ee06782f75f319b9381
dc76c838aec2946605b566b70dd3dc6ad9e59db53294716209345220ef4ccab1
ddb907faa694120d117322026789c66de536348797d9072fdabce56141e5d2d7
f69f52b82c421d744d855a02ddd3335462dc1b4f902197f4c3265bf170074182

www.c-licks.cloud Open in urlscan Pro 89.46.110.28 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

90 kBTransfer

333 kBSize

0 Cookies

1 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

65 JavaScript Global Variables

0 Cookies

Indicators

www.c-licks.cloud Open in urlscan Pro
89.46.110.28 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

90 kB
Transfer

333 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!