culey.com Open in urlscan Pro
192.185.48.152 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://culey.com/Fatturazione/Pay-4546221445.php?company=
Submission: On June 05 via api (June 5th 2024, 6:02:35 pm UTC) from CH — Scanned from IT

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 192.185.48.152, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is culey.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.

This is the only time culey.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Sella (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	192.185.48.152 192.185.48.152	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
20	3

11 192.185.48.152 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: alkindihospital.com

culey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	culey.com culey.com	246 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	999 B
0	paypalych.com Failed paypalych.com Failed
20	3

	Domain	Requested by
11	culey.com	culey.com
1	fonts.googleapis.com	culey.com
0	paypalych.com Failed	culey.com
20	3

This site contains no links.

Subject Issuer	Validity	Valid
www.culey.visionpointmedical.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Frame ID: EA13E04CB6D3CF69D675C71B81DBD350
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagina di pagamento Carta di Credito

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]{1,512}\bwire:

Page Statistics

20
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

247 kB
Transfer

634 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Pay-4546221445.php Show response
culey.com/Fatturazione/ 9 KB
3 KB 1132ms
508ms Document
text/html 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: nginx/1.23.4 /
Resource Hash: 08ff081cc6a7ed2f28286282f028e149a360e39f03a089f04693693bfbbe479c

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2960
content-type: text/html; charset=UTF-8
date: Wed, 05 Jun 2024 18:02:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.23.4
vary: Accept-Encoding,User-Agent
x-generated: t=1717610548556897 t=1717610548556897
x-proxy-cache: MISS
x-server-cache: true

GET
H2 200 fonts0c42.css
culey.com/Fatturazione/css/ 62 KB
15 KB 250ms
249ms Stylesheet
text/css 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/css/fonts0c42.css?id=0ddd5e73995fc645942c
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: 2588c1bce637de4945ac0329c5dcbd2542c73263c286fffea96e9f76bb9e6044

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 06:48:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
x-generated: t=1717610549029995, t=1717610549029995
accept-ranges: bytes
content-length: 15596

GET
H2 200 paypalych37cb.css
culey.com/Fatturazione/css/ 119 KB
26 KB 492ms
491ms Stylesheet
text/css 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/css/paypalych37cb.css?id=a7eae1d02f0c03b61bcf
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: e2db265539b85465d175890875d948b81b7bad0423596ffc2416eea012dc2519

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 09:31:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
x-generated: t=1717610549032616, t=1717610549032616
accept-ranges: bytes

GET
H2 200 paypalychf9f2.js Show response
culey.com/Fatturazione/js/ 246 KB
88 KB 932ms
931ms Script
application/javascript 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/js/paypalychf9f2.js?id=7d6eb95f7b4fe68055d7
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: aca0387e245db4a404ce33668c840be9b19742f905c29892a7544da29e021590

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Sep 2023 08:55:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-generated: t=1717610549320181, t=1717610549320181
accept-ranges: bytes

GET
H2 200 card-icon-white.svg
culey.com/Fatturazione/img/ 830 B
913 B 492ms
491ms Image
image/svg+xml 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://culey.com/Fatturazione/img/card-icon-white.svg
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: 41edd2eeb10f3e867d55510a65d589460e96f8ec03fb305d07ebc5b7a7d9b0da

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
last-modified: Sat, 11 May 2024 11:50:40 GMT
server: Apache
vary: User-Agent
content-type: image/svg+xml
x-generated: t=1717610549032650, t=1717610549032650
accept-ranges: bytes
content-length: 830

GET
H2 200 logo.png
culey.com/Fatturazione/img/ 67 KB
67 KB 341ms
341ms Image
image/png 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://culey.com/Fatturazione/img/logo.png
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: ed93d7e318dcd30876f2ee573d4709c30b8a9b0ecea093a468bec6b223e87ebc

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
last-modified: Sat, 11 May 2024 09:26:34 GMT
server: Apache
vary: User-Agent
content-type: image/png
x-generated: t=1717610549032663, t=1717610549032663
accept-ranges: bytes
content-length: 68497

GET
H2 200 LOGO_BSE_PAGAM.svg
culey.com/Fatturazione/img/ 3 KB
4 KB 605ms
604ms Image
image/svg+xml 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://culey.com/Fatturazione/img/LOGO_BSE_PAGAM.svg
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: b7df3f607e2704502e16154beb52a35346a937ab5ccd276ccb288f0c5a7aad66

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
last-modified: Sat, 11 May 2024 11:46:40 GMT
server: Apache
vary: User-Agent
content-type: image/svg+xml
x-generated: t=1717610549320190, t=1717610549320190
accept-ranges: bytes
content-length: 3567

GET
H2 200 phone-mask2ddb.js Show response
culey.com/Fatturazione/js/ 58 KB
21 KB 604ms
603ms Script
application/javascript 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/js/phone-mask2ddb.js?id=eeafb17409f2eb5cd334
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: 537da97a9451300a60d4ad3216fab6438feb3e3ff97e4d039e0b4214ddb5e694

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 06:48:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-generated: t=1717610549319850, t=1717610549319850
accept-ranges: bytes

GET
H2 200 card-mask72a5.js Show response
culey.com/Fatturazione/js/ 58 KB
21 KB 596ms
595ms Script
application/javascript 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/js/card-mask72a5.js?id=c866456ef121f1f0c0e3
Requested by: Host: culey.com
URL: https://culey.com/Fatturazione/Pay-4546221445.php?company=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: 56f91478fe802666d50cd84e9828c6336d5a951fbb40cdb9d20b2d4b129e402b

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:29 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 11:58:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-generated: t=1717610549320151, t=1717610549320151
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
999 B 960ms
98ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap

Requested by

Host: culey.com
URL: https://culey.com/Fatturazione/css/paypalych37cb.css?id=a7eae1d02f0c03b61bcf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

a78e7c640d467bc22fdc1e9d8b3c77b7592e52ce46ccf9276b13e9cbafbd78e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jun 2024 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 05 Jun 2024 18:02:30 GMT

GET AvenirNextLTPro-Medium.woff2
paypalych.com/fonts/ 0
0

GET AvenirNextLTPro-Demi.woff2
paypalych.com/fonts/ 0
0

GET AvenirNextCyr-Light.woff
paypalych.com/fonts/ 0
0

GET AvenirNextLTPro-Regular.woff2
paypalych.com/fonts/ 0
0

GET AvenirNextCyr-Light.ttf
paypalych.com/fonts/ 0
0

GET AvenirNextLTPro-Demi.woff
paypalych.com/fonts/ 0
0

GET AvenirNextLTPro-Regular.woff
paypalych.com/fonts/ 0
0

GET AvenirNextLTPro-Medium.woff
paypalych.com/fonts/ 0
0

GET
H2 200 favicon-96x96.png
culey.com/Fatturazione/img/ 981 B
1 KB 184ms
183ms Other
image/png 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/img/favicon-96x96.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: f77f19fd4b51c0fcff2380a98350c945f14f5550bf0755f405ceb3eaaf9a81d9

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:31 GMT
last-modified: Sat, 11 May 2024 11:13:16 GMT
server: Apache
vary: User-Agent
content-type: image/png
x-generated: t=1717610551327798, t=1717610551327798
accept-ranges: bytes
content-length: 981

GET
H2 200 favicon-96x96.png
culey.com/Fatturazione/img/ 981 B
0 2ms
0ms Other
image/png 192.185.48.152
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culey.com/Fatturazione/img/favicon-96x96.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.48.152 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: alkindihospital.com
Software: Apache /
Resource Hash: f77f19fd4b51c0fcff2380a98350c945f14f5550bf0755f405ceb3eaaf9a81d9

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://culey.com/Fatturazione/Pay-4546221445.php?company=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jun 2024 18:02:31 GMT
last-modified: Sat, 11 May 2024 11:13:16 GMT
server: Apache
vary: User-Agent
content-type: image/png
x-generated: t=1717610551327798, t=1717610551327798
accept-ranges: bytes
content-length: 981

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff2?a0f1958d0325075bb66be137a594263a

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff2?91b1580fda34f931fa9c978c93302a35

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextCyr-Light.woff?3704bbcbb5beed2ec5d4da8dceb2ddee

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff2?903169cae55005904e314632fc792425

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextCyr-Light.ttf?478f0acdb798c83facbd8baf75417e09

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff?9f92a59db327a79527f6e2b9789d0d05

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff?8512acb04e038e588cf7f4a033f8fd38

Domain: paypalych.com
URL: https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff?91f0908ad627d383878d2ca4c0e54342

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Sella (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask object| Alpine object| regeneratorRuntime

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			culey.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8077e012400ff1ea9ba47980f413d553

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextCyr-Light.woff?3704bbcbb5beed2ec5d4da8dceb2ddee' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextCyr-Light.woff?3704bbcbb5beed2ec5d4da8dceb2ddee Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff2?91b1580fda34f931fa9c978c93302a35' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff2?91b1580fda34f931fa9c978c93302a35 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff2?903169cae55005904e314632fc792425' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff2?903169cae55005904e314632fc792425 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff2?a0f1958d0325075bb66be137a594263a' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff2?a0f1958d0325075bb66be137a594263a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextCyr-Light.ttf?478f0acdb798c83facbd8baf75417e09' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextCyr-Light.ttf?478f0acdb798c83facbd8baf75417e09 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff?9f92a59db327a79527f6e2b9789d0d05' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Demi.woff?9f92a59db327a79527f6e2b9789d0d05 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff?8512acb04e038e588cf7f4a033f8fd38' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Regular.woff?8512acb04e038e588cf7f4a033f8fd38 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://culey.com/Fatturazione/Pay-4546221445.php?company= Message: Access to font at 'https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff?91f0908ad627d383878d2ca4c0e54342' from origin 'https://culey.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://paypalych.com/fonts/AvenirNextLTPro-Medium.woff?91f0908ad627d383878d2ca4c0e54342 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

culey.com
fonts.googleapis.com
paypalych.com
paypalych.com
142.250.186.42
192.185.48.152
08ff081cc6a7ed2f28286282f028e149a360e39f03a089f04693693bfbbe479c
2588c1bce637de4945ac0329c5dcbd2542c73263c286fffea96e9f76bb9e6044
41edd2eeb10f3e867d55510a65d589460e96f8ec03fb305d07ebc5b7a7d9b0da
537da97a9451300a60d4ad3216fab6438feb3e3ff97e4d039e0b4214ddb5e694
56f91478fe802666d50cd84e9828c6336d5a951fbb40cdb9d20b2d4b129e402b
a78e7c640d467bc22fdc1e9d8b3c77b7592e52ce46ccf9276b13e9cbafbd78e7
aca0387e245db4a404ce33668c840be9b19742f905c29892a7544da29e021590
b7df3f607e2704502e16154beb52a35346a937ab5ccd276ccb288f0c5a7aad66
e2db265539b85465d175890875d948b81b7bad0423596ffc2416eea012dc2519
ed93d7e318dcd30876f2ee573d4709c30b8a9b0ecea093a468bec6b223e87ebc
f77f19fd4b51c0fcff2380a98350c945f14f5550bf0755f405ceb3eaaf9a81d9

culey.com Open in urlscan Pro 192.185.48.152 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

60 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

247 kBTransfer

634 kBSize

1 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

16 Console Messages

Indicators

culey.com Open in urlscan Pro
192.185.48.152 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

247 kB
Transfer

634 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!