www.c-licks.cloud
89.46.110.28
Malicious Activity!
Public Scan
Submission: On October 22 via automatic, source openphish
Summary
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on October 12th 2020. Valid for: a year.
This is the only time www.c-licks.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
19 | 89.46.110.28 | 31034 (ARUBA-ASN) |
19 | 1 | |

ASN31034 (ARUBA-ASN, IT)
PTR: webx1426.ad.aruba.it
www.c-licks.cloud

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | c-licks.cloud | www.c-licks.cloud | 90 KB |
19 | 1 | | |

Requests | Domain | Requested by |
---|---|---|
19 | www.c-licks.cloud | www.c-licks.cloud |
19 | 1 | |
This site contains links to these domains.
Domain |
---|
sas.redsys.es |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.c-licks.cloud | Actalis Domain Validation Server CA G3 | 2020-10-12 - 2021-10-12 | a year |
This page contains 1 frames:
Primary Page:
https://www.c-licks.cloud/verify.php
Frame ID: 388B086DACDECFE4059545C28E99A93C
Requests: 19 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Is your phone memory full?
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | verify.php (Primary Request) | www.c-licks.cloud/ | 8 KB | 3 KB | Document | text/html |
GET | H2 | css | www.c-licks.cloud/BANKIA_files/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | bootstrap.min.css | www.c-licks.cloud/BANKIA_files/ | 104 KB | 17 KB | Stylesheet | text/css |
GET | H2 | bootstrap-responsive.css | www.c-licks.cloud/BANKIA_files/ | 22 KB | 4 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | www.c-licks.cloud/BANKIA_files/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | 2038.css | www.c-licks.cloud/BANKIA_files/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | utils.js.download | www.c-licks.cloud/BANKIA_files/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | des.js.download | www.c-licks.cloud/BANKIA_files/ | 17 KB | 4 KB | Script | application/javascript |
GET | H2 | pwdbaseud.js.download | www.c-licks.cloud/BANKIA_files/ | 11 KB | 3 KB | Script | application/javascript |
GET | H2 | cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif | www.c-licks.cloud/BANKIA_files/ | 5 KB | 5 KB | Image | image/gif |
GET | H2 | jquery.min.js.download | www.c-licks.cloud/BANKIA_files/ | 94 KB | 33 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js.download | www.c-licks.cloud/BANKIA_files/ | 28 KB | 8 KB | Script | application/javascript |
GET | H2 | custom_10.js.download | www.c-licks.cloud/BANKIA_files/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | tt0308m-webfont.woff | www.c-licks.cloud/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | tt0308m-webfont.ttf | www.c-licks.cloud/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | sans-regular.ttf | www.c-licks.cloud/BANKIA_files/fuentes/ | 0 | 0 | Font | text/html |
GET | H2 | sans-semibold.ttf | www.c-licks.cloud/BANKIA_files/fuentes/ | 0 | 0 | Font | text/html |
GET | H2 | bankia-regular.otf | www.c-licks.cloud/BANKIA_files/fuentes/ | 0 | 0 | Font | text/html |
GET | H2 | bankia-bold.otf | www.c-licks.cloud/BANKIA_files/fuentes/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| dameValorElemento
function| valorElemento
function| hash
function| circularRotate
function| f
function| h
function| g
function| word_string
function| submitirCip
function| esNetscape
function| ocultaBoton
function| procesaCadena
function| des
function| des_createKeys
function| printHex
function| printBytes
function| xor
function| rellenarDerechaCon
function| calcularBloquePIN
function| calcularBloquePIN3DES
boolean| bAlert
boolean| bAlertBeforeUnload
object| BrowserDetect
function| IniWindow
function| ContinueWindow
function| ShowAuthElements
function| ShowIniElements
function| SetWindow
function| SetWindowVISA
function| AlertBeforeUnload
function| HelpWindow
function| SecurityWindow
function| RegisterWindow
function| IsNetscapeOnSolaris
function| OnCancelHandler
function| OnCancelar
function| OnSubmitHandler
function| OnSubmitHandlerPassword
function| SetSubmit
function| ResetSubmit
function| ClearPin
function| OnPageInit
function| OnSubmitHandlerAttempts
function| ActiveRegSMS
function| IsExplorerBrowser
function| IsFirefoxBrowser
function| IsChromeBrowser
function| IsSafariBrowser
function| finalizaIndirecto
function| $
function| jQuery
object| jQuery111107636742282131739
function| mostrar
function| ocultar
boolean| cerrar
function| pregunta
function| mensajeCancelar
undefined| a
function| validar
function| submitePIN
object| enquire
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.