krediyapilifaizsizzz.cloud Open in urlscan Pro
145.239.120.141 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://krediyapilifaizsizzz.cloud/
Submission: On September 21 via api (September 21st 2024, 10:50:23 pm UTC) from TR — Scanned from PL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 145.239.120.141, located in Poland and belongs to OVH, FR. The main domain is krediyapilifaizsizzz.cloud.
TLS certificate: Issued by R11 on September 21st 2024. Valid for: 3 months.

This is the only time krediyapilifaizsizzz.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yapi Kredi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	145.239.120.141 145.239.120.141	16276 (OVH) (OVH)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
12	4

8 145.239.120.141 (Poland)

ASN16276 (OVH, FR)
PTR: ip141.ip-145-239-120.eu

krediyapilifaizsizzz.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	krediyapilifaizsizzz.cloud krediyapilifaizsizzz.cloud	87 KB
2	gstatic.com fonts.gstatic.com	60 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 327	18 KB
12	4

	Domain	Requested by
8	krediyapilifaizsizzz.cloud	krediyapilifaizsizzz.cloud
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	krediyapilifaizsizzz.cloud
1	cdn.jsdelivr.net	krediyapilifaizsizzz.cloud
12	4

This site contains no links.

Subject Issuer	Validity	Valid
krediyapilifaizsizzz.cloud R11	`2024-09-21` - `2024-12-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://krediyapilifaizsizzz.cloud/
Frame ID: DE4C48CE9CAF92E83DCBFEDF59A7C474
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobil Giriş Sayfası

Detected technologies

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

166 kB
Transfer

241 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
krediyapilifaizsizzz.cloud/ 2 KB
1 KB 412ms
61ms Document
text/html 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://krediyapilifaizsizzz.cloud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: 661c636f1faa8adb0d9064bfc6bc85b4581fe851eed5b36b4c4e77f8e439b1c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 Sep 2024 22:50:18 GMT
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 style.css
krediyapilifaizsizzz.cloud/ 3 KB
1007 B 61ms
59ms Stylesheet
text/css 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://krediyapilifaizsizzz.cloud/style.css
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PleskLin
Resource Hash: 851f3682aafe84ae91017de5c93edfc79dcdc28a5652664c80c38a42ecc1afee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

content-encoding: br
date: Sat, 21 Sep 2024 22:50:18 GMT
etag: W/"66eddaf0-ae4"
content-type: text/css
last-modified: Fri, 20 Sep 2024 20:28:32 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 69 KB
18 KB 433ms
41ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84c733b55ba8c2a952391013ce80772d11acab1840b420dfa6c775c9593b3a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1143e-UGRUcHasR0sHJmoE102vCEg7eS0"
age: 41459
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 21 Sep 2024 22:50:19 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18281
x-jsd-version: 11.14.1

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 470ms
55ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

9a6ad22973f5737039a4fa7cf7e23f9744ccd47ec82da68f125be614314483fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 21 Sep 2024 22:50:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 22:50:19 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 21 Sep 2024 22:50:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 logo.png
krediyapilifaizsizzz.cloud/ 3 KB
3 KB 170ms
169ms Image
image/png 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krediyapilifaizsizzz.cloud/logo.png
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PleskLin
Resource Hash: 39a9fb3cc353fd2328f88e49b38f661388a669dbba24c821a4045a853a9e3c31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

etag: "66eddaf0-aba"
accept-ranges: bytes
content-length: 2746
date: Sat, 21 Sep 2024 22:50:18 GMT
content-type: image/png
last-modified: Fri, 20 Sep 2024 20:28:32 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 tab.png
krediyapilifaizsizzz.cloud/ 36 KB
36 KB 115ms
114ms Image
image/png 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krediyapilifaizsizzz.cloud/tab.png
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PleskLin
Resource Hash: 7b242b673876247f6b26af7e213ddbb4c345d167a6c96fcf54c94275179e2c3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

etag: "66eddaf0-8f13"
accept-ranges: bytes
content-length: 36627
date: Sat, 21 Sep 2024 22:50:18 GMT
content-type: image/png
last-modified: Fri, 20 Sep 2024 20:28:32 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 script.js Show response
krediyapilifaizsizzz.cloud/ 3 KB
1 KB 60ms
60ms Script
application/javascript 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://krediyapilifaizsizzz.cloud/script.js
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PleskLin
Resource Hash: 278d0f5f5cfd5651482f3649f1c4e7affe7da35fb8c34713a396161efb0aeeb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

content-encoding: br
date: Sat, 21 Sep 2024 22:50:19 GMT
etag: W/"66ede964-bf6"
content-type: application/javascript
last-modified: Fri, 20 Sep 2024 21:30:12 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 bg.jpg
krediyapilifaizsizzz.cloud/img/ 44 KB
44 KB 63ms
62ms Image
image/jpeg 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krediyapilifaizsizzz.cloud/img/bg.jpg
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PleskLin
Resource Hash: 8276dc2f9064e026aab788c8b224bd18fe4129d9af50a0a0b8d7ebe6f364dcb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://krediyapilifaizsizzz.cloud/style.css

Response headers

etag: "66eddaf0-b075"
accept-ranges: bytes
content-length: 45173
date: Sat, 21 Sep 2024 22:50:19 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:28:32 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 91ms
40ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://krediyapilifaizsizzz.cloud
Referer: https://fonts.googleapis.com/

Response headers

age: 382223
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 12:39:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 12:39:56 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 96ms
45ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://krediyapilifaizsizzz.cloud
Referer: https://fonts.googleapis.com/

Response headers

age: 45134
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 10:18:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 10:18:05 GMT
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27812
x-xss-protection: 0
server: sffe

POST
H2 200 livechat.php Show response
krediyapilifaizsizzz.cloud/ 0
214 B 64ms
63ms XHR
application/json 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://krediyapilifaizsizzz.cloud/livechat.php
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PHP/8.0.30, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

content-encoding: br
access-control-allow-methods: GET, POST
access-control-allow-origin: *
date: Sat, 21 Sep 2024 22:50:21 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.0.30, PleskLin
server: nginx
access-control-allow-headers: Content-Type

POST
H2 200 livechat.php Show response
krediyapilifaizsizzz.cloud/ 0
214 B 64ms
63ms XHR
application/json 145.239.120.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://krediyapilifaizsizzz.cloud/livechat.php
Requested by: Host: krediyapilifaizsizzz.cloud
URL: https://krediyapilifaizsizzz.cloud/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.120.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-145-239-120.eu
Software: nginx / PHP/8.0.30, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://krediyapilifaizsizzz.cloud/

Response headers

content-encoding: br
access-control-allow-methods: GET, POST
access-control-allow-origin: *
date: Sat, 21 Sep 2024 22:50:23 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.0.30, PleskLin
server: nginx
access-control-allow-headers: Content-Type

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yapi Kredi (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://krediyapilifaizsizzz.cloud/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
krediyapilifaizsizzz.cloud
142.250.186.42
145.239.120.141
151.101.65.229
172.217.16.195
278d0f5f5cfd5651482f3649f1c4e7affe7da35fb8c34713a396161efb0aeeb7
39a9fb3cc353fd2328f88e49b38f661388a669dbba24c821a4045a853a9e3c31
661c636f1faa8adb0d9064bfc6bc85b4581fe851eed5b36b4c4e77f8e439b1c5
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
7b242b673876247f6b26af7e213ddbb4c345d167a6c96fcf54c94275179e2c3e
8276dc2f9064e026aab788c8b224bd18fe4129d9af50a0a0b8d7ebe6f364dcb5
84c733b55ba8c2a952391013ce80772d11acab1840b420dfa6c775c9593b3a4c
851f3682aafe84ae91017de5c93edfc79dcdc28a5652664c80c38a42ecc1afee
9a6ad22973f5737039a4fa7cf7e23f9744ccd47ec82da68f125be614314483fc
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

krediyapilifaizsizzz.cloud Open in urlscan Pro 145.239.120.141 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

166 kBTransfer

241 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

krediyapilifaizsizzz.cloud Open in urlscan Pro
145.239.120.141 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

166 kB
Transfer

241 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!