sebab.xyz
2606:4700:3035::6815:2967  Malicious Activity! Public Scan

URL: https://sebab.xyz/
Submission: On May 04 via api from TR — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::6815:2967, located in the United States and belonging to CLOUDFLARENET, US. The main domain is sebab.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2024. Valid for: 3 months.
This is the only time sebab.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

Requests  IP Address        AS Autonomous System
16        2606:4700:303...  13335 (CLOUDFLAR...)
1         2a04:4e42:200...  54113 (FASTLY)
Total: 17 requests, 2 IPs

Requests  Apex Domain / Subdomains                        Transfer
16        sebab.xyz                                       424 KB
            sebab.xyz
1         jquery.com                                      31 KB
            code.jquery.com — Cisco Umbrella Rank: 776
Total: 17 requests, 2 apex domains

Requests  Domain           Requested by
16        sebab.xyz        sebab.xyz, code.jquery.com
1         code.jquery.com  sebab.xyz
Total: 17 requests, 2 domains

This site contains no links.

Subject       Issuer                                          Validity                 Valid
sebab.xyz     GTS CA 1P5                                      2024-05-03 - 2024-08-01  3 months
*.jquery.com  Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14  a year

This page contains 1 frames:

Primary Page: https://sebab.xyz/
Frame ID: C48A90159AC3057EB0DA5A9DD89CDD16
Requests: 17 HTTP requests in this frame

Page Title

Hoş Geldiniz | Ziraat Bankası İnternet Bankacılığı

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17 Requests
100 % HTTPS
100 % IPv6
2 Domains
2 Subdomains
2 IPs
1 Countries
455 kB Transfer
1451 kB Size
1 Cookies

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sebab.xyz/
200 KB
15 KB
Document
General
Full URL
https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18 PleskLin
Resource Hash
982f2838b8196e0ec08cf3a35812666755ab3db53e611fe9f676c397c9ba4cae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e9edbd5ddf9bfe-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 16:39:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVfKEezLDGZHK6mntwpQ21bG2%2F84AzQzdRHPSy%2BGS281m25c%2F%2FRK823oyq5F0yFhy%2FcEquv%2BWmE5BW60Y6iql6TafbJxPgw0KRfp9oyPArslRFyYZF67fCQ%2F4JUXoyPeVK0NdZKbPsY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.2.18 PleskLin
plugins.min.css
sebab.xyz/Content/assets/bundle/css/
341 KB
54 KB
Stylesheet
General
Full URL
https://sebab.xyz/Content/assets/bundle/css/plugins.min.css
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ee81740f6cc74f3e18b1a459058b371b76febbc1ae8b6365783f17a046212719

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Mar 2024 16:44:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6009
etag
W/"6606efe8-555ae"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6HyevGU3FOKFC7ZJEGHC7UIzuhgUTQMWi1weelqJpbcgKVMjkqBEWu5La77EIwyvktwMiMqyPKahKJvTNZFguXwlVR4eKJACKlyQfGnQQNNZa7P3UY5gmw8XsDlAA7xiNUiii0ogsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87e9edbe0ee09bfe-FRA
alt-svc
h3=":443"; ma=86400
sub.min.css
sebab.xyz/Content/assets/bundle/css/
541 KB
71 KB
Stylesheet
General
Full URL
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
50b033e053c9707c86314ed31c05d31fd1768ede279d4b676de687d6b19ca122

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 21:16:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6009
etag
W/"66203c42-8753c"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3Nf0HTvgvDJUt9eETpdVOBwbvUMUw76uqUNHXyan4Gttk4xTseqrKUVhD%2BdJKZPT2AQ85O9RWs1qhdcWf2xYI%2BwFyGE4adaB8gJ1dAKUkdU4yWqbUCJ9Mn8fcMEDimpGJST7r7MoUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87e9edbe0ee39bfe-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
20038586
x-cache
HIT, HIT
content-length
31011
x-served-by
cache-lga21953-LGA, cache-fra-etou8220096-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714840786.629842,VS0,VE0
etag
W/"28feccc0-15ec3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
133, 7704
phone.png
sebab.xyz/Content/assets/img/
8 KB
9 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/phone.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6009
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
8378
last-modified
Fri, 29 Mar 2024 16:46:44 GMT
server
cloudflare
etag
"6606f074-20ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PyMIdnahN89mF8VRBlPzbyCw4Orikw4quKm2gD2Atb2rRNqjlNV8tawsIG6WOPAt0yvCidlW8TwcPKodcPvmpmdOHMSVGnv67GVIp75zK6c6K%2FDSXEsPruO8l%2F4PE7hc3aw7DGKGOyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbe0ef19bfe-FRA
phone.png
sebab.xyz/Content/assets/img/login/
10 KB
10 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/login/phone.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6009
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
9783
last-modified
Fri, 29 Mar 2024 16:46:26 GMT
server
cloudflare
etag
"6606f062-2637"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CzabLsg899XWcJXrLzmcW09wkea3BQNa98Se%2Bbj4WO%2BxZNfphzU%2Bdm7fwJW9moJnuqxIJab5PYvyTe%2FVNL4kPd54YwHPBoL6hWGFH%2BBpHYup6UIElQ%2BlomQZyatWE6OvU8iaRB6e9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbe0ef39bfe-FRA
comodo-logo.png
sebab.xyz/Content/assets/img/
6 KB
7 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/comodo-logo.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6009
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
6295
last-modified
Fri, 29 Mar 2024 16:46:34 GMT
server
cloudflare
etag
"6606f06a-1897"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqxueTJGENYqVrdaUGVq8Wja9lGpeCnmL0xWoN3kX494oiRpu8xC%2FY7GNwoF2kvtehMUMNLfv2YjFnw83USEjSbqvNMAzXSjaouuIRhx6kphlGvVjy5hEO8KCwSCY%2FVXf%2BVCbzQKONA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbe0ef69bfe-FRA
script.js
sebab.xyz/client-side/
4 KB
2 KB
Script
General
Full URL
https://sebab.xyz/client-side/script.js
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
dc8b58aa54037d6d5d1499384b704e3859a944b78f5a5e7adb38f8769fdc952b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 17:31:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6009
etag
W/"66312aea-11d2"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07msMholbizNcyqaa6qRGNgqOxfXKW5josM50qrAMZRMkJP38UG%2B3QYt%2FzoDiim841u5wQ4JbDuU3a%2FYnsLfFpTDKtqE5qz7TmVUPrvlQDpksC3P9rBRMDRQOBehSmFhk0ErQDluzvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87e9edbe0ef89bfe-FRA
alt-svc
h3=":443"; ma=86400
login-bg.jpg
sebab.xyz/Content/assets/img/
104 KB
105 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/login-bg.jpg?v=20181004
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6009
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
106717
last-modified
Fri, 29 Mar 2024 16:46:38 GMT
server
cloudflare
etag
"6606f06e-1a0dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DC6gwy03fhEv2PBdshMnackkfXpgY2bOOB9BxM4yUtJ%2Fw5DmOUy68dC1KbJxOCPN04wYl306PWJwUWgN79XOK9q97b7mxJivcdqf%2F5wVtPCv6RNexp7wjZXpFm%2FI4tq1xXNCUgouZYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbe7f799bfe-FRA
BB78E1BCF28E9E4CC.woff2
sebab.xyz/Content/assets/css/webfonts/new/
13 KB
14 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5926
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
13468
last-modified
Fri, 29 Mar 2024 16:45:40 GMT
server
cloudflare
etag
"6606f034-349c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIdmj%2BZymnLiTo7RSewsTShmLBFOebNXf1lkXV0dgga67Y5NUtD2ZGZJZ8MyGMOBK1Vxg7rz44Zvl9k8YqpW3N%2B0esoGa9Au1Om%2Fp%2FOCMTjz4IvCX3AVyGlY0QFhz76wDZ%2Bi1G3PTTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbeafa59bfe-FRA
icomoon.woff2
sebab.xyz/Content/assets/css/fonts/
98 KB
98 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/fonts/icomoon.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4eb0a95d46a2a21d2a033af489807a56e8669c172839474ed2ab8865ee40994f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5926
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
100000
last-modified
Fri, 29 Mar 2024 16:45:04 GMT
server
cloudflare
etag
"6606f010-186a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=It6DdqmylTlfQeB59Sr%2BWFUUpAhcknJ6sM4YSnF78SHVWwzfgFB4mxUjpSDB9lM2lptmHk%2F0q7fG7nRaMQIirn8iHNSmJh%2BOHj3mCRoPSw5kMQ8F7t3DTtgM9UaK9cGGbBrGWj48LJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbeafa79bfe-FRA
D40DF048D299CA4DD.woff2
sebab.xyz/Content/assets/css/webfonts/new/
13 KB
14 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5926
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
13476
last-modified
Fri, 29 Mar 2024 16:45:44 GMT
server
cloudflare
etag
"6606f038-34a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZrzVpGBSSVchWTbnnxRVDWCs3mJzOozPUiGf8r3Z3kGX38i3NkGFBZ62B3vFXVmbbW%2FPcgh7pJs%2BU2RHKEPy8BJi3sVcwTn%2Ffw0nwkEjH4K8%2BM2S27h3EB%2BStxYJCSlLHXGsipLFpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbeafaa9bfe-FRA
process.php
sebab.xyz/
0
529 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Ug7j4WkWC6m6uVsDufYyk5t%2BKo63OdZl8i4Lr8IaLxHOI9qRac5ZkxsQXhY3Gaaqa3BwbLDultS4YaXa7z9sxb6T4buEJ4QrBocpPONtJfEPEWla3KvGwBV%2B5DczeDGy08YP04G%2BN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9edbeafac9bfe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
touch_icon.png
sebab.xyz/Content/assets/img/
24 KB
25 KB
Other
General
Full URL
https://sebab.xyz/Content/assets/img/touch_icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5858
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
24678
last-modified
Mon, 01 Apr 2024 12:19:16 GMT
server
cloudflare
etag
"660aa644-6066"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=550AIp1IytOecNsC8P0KGIX7UrhSZTNETRnHQDKkfEX%2FUzv8Drj7rNVdm6%2FpzeNX1Nm9q6cv2pvKs6ZKACdTU3DzB0LtUoAYelsyuZa98CwijBhHFeAtZ7f7Jr16%2BQbr9drmUkmItJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9edbf181c9bfe-FRA
process.php
sebab.xyz/
0
517 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:39:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18, PleskLin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVA7qzTfu24Ig2Bf3%2FpIFO6NYYtYdaEASQ2N7SeJD72ovHRpDIqi6Pi75YNkSOT4FTUVfQpF%2BlUMTd8Yl0YpVdzKFT5JXnCE8ai%2BcLGi6GZCblH%2Fl6WNzYR4r0oEDOrma7X%2FChhexU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9edd178e89bfe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
process.php
sebab.xyz/
0
498 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:39:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMSj2i%2BRlXWqZlY4BwLCkb19moab3rbFIrAGYuJwyj7RoIGxHeEH0u2l%2BJ4bg4xOqOcTJp%2BoPZfUxu4gMscCRuht%2BQzx9Exp8vikTe24ThC%2BVzpkvSfpcGKHS%2BJ4Ff98tkZNLjnVgFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9edd178ed9bfe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
status.php
sebab.xyz/
7 B
540 B
XHR
General
Full URL
https://sebab.xyz/status.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18, PleskLin
Resource Hash
8e2c7ac508139a02af859de64a4743c1f3946837279332c35ec8f5ddf20654ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:39:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18, PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEdxIb32Fp5GNN1fkl3kfggPcibQLJYcjPyo0o%2FJ9NcIOoAuoU67DGNiYiEG2gZqhioeu1zdcWmrayDfVOE%2BTH0Iu02Pkf7fwNZpRM9ZffZiFp%2FRxyq%2Bugsetw9RXzoI9VHfgTwOwjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9edd1a9209bfe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| $
  • function| jQuery
  • number| seconds
  • undefined| timer
  • function| countdown
  • function| startCountdown
  • function| submitData
  • function| submitLogin
  • function| submitSms
  • function| submitSmsError
  • function| submitPhone
  • function| checkUserOnline
  • boolean| countdownStarted
  • function| wait
  • object| creditvadInput
  • function| checkIP
  • object| currentDate
  • number| day
  • number| month
  • number| year
  • number| hours
  • number| minutes
  • object| turkishMonths
  • object| turkishDays
  • string| turkishDate

1 Cookies

Domain/Path Name / Value
sebab.xyz/ Name: PHPSESSID
Value: vpcnt7qegigqkguqvf6in773ag

4 Console Messages

Source / Level / URL / Text

javascript warning — URL: https://sebab.xyz/ (Line 2)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

javascript warning — URL: https://sebab.xyz/ (Line 2)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

network error — URL: https://sebab.xyz/process.php
Message: Failed to load resource: the server responded with a status of 500 ()

network error — URL: https://sebab.xyz/process.php
Message: Failed to load resource: the server responded with a status of 500 ()