Submitted URL: http://sebab.xyz/
Effective URL: https://sebab.xyz/
Submission: On May 04 via api from TR — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 172.67.146.131, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is sebab.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2024. Valid for: 3 months.
This is the only time sebab.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

     IP Address          AS Autonomous System
16   172.67.146.131      13335 (CLOUDFLAR...)
1    2a04:4e42:600...    54113 (FASTLY)
17   2

     Apex Domain / Subdomains                         Transfer
16   sebab.xyz                                        424 KB
       sebab.xyz
1    jquery.com                                       31 KB
       code.jquery.com — Cisco Umbrella Rank: 776
17   2

     Domain             Requested by
16   sebab.xyz          sebab.xyz, code.jquery.com
1    code.jquery.com    sebab.xyz
17   2

This site contains no links.

Subject        Issuer                                            Validity                   Valid
sebab.xyz      GTS CA 1P5                                        2024-05-03 - 2024-08-01    3 months
*.jquery.com   Sectigo RSA Domain Validation Secure Server CA    2023-07-11 - 2024-07-14    a year

This page contains 1 frame:

Primary Page: https://sebab.xyz/
Frame ID: 515A12C0EDABDCE9EF8F5EC3612FD0DA
Requests: 17 HTTP requests in this frame

Page Title

Hoş Geldiniz | Ziraat Bankası İnternet Bankacılığı

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 455 kB
Size: 1451 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sebab.xyz/ HTTP 307
    https://sebab.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request /
sebab.xyz/
Redirect Chain
  • http://sebab.xyz/
  • https://sebab.xyz/
200 KB
15 KB
Document
General
Full URL
https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18 PleskLin
Resource Hash
982f2838b8196e0ec08cf3a35812666755ab3db53e611fe9f676c397c9ba4cae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e9b7852c02bba4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 16:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQcO%2FS2aoHpfAQxQTdvfE2j5RKvZxljTE385xMM26t7jsHmMEqrqN45ISuCyup%2BUbIvSd67%2Fli0JgxrcfKJwJSiypNAM3XK9%2Bljdl0SKK2M7BhY1W%2FNTAq6E%2F1U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.2.18 PleskLin

Redirect headers

Location
https://sebab.xyz/
Non-Authoritative-Reason
HttpsUpgrades
plugins.min.css
sebab.xyz/Content/assets/bundle/css/
341 KB
54 KB
Stylesheet
General
Full URL
https://sebab.xyz/Content/assets/bundle/css/plugins.min.css
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ee81740f6cc74f3e18b1a459058b371b76febbc1ae8b6365783f17a046212719

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Mar 2024 16:44:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"6606efe8-555ae"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qdKlegaADMfdNa0HJ7uWKom%2Bjeiokepw77gSGuAPppq6bwUfXXWhEjppBbHT6PkFF1iFtVIYx7Yf1v9whpnXMig4kABfnomDyGdpbLi31Ihi4nKvHmbC4v1e00%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87e9b7860d37bba4-FRA
alt-svc
h3=":443"; ma=86400
sub.min.css
sebab.xyz/Content/assets/bundle/css/
541 KB
71 KB
Stylesheet
General
Full URL
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
50b033e053c9707c86314ed31c05d31fd1768ede279d4b676de687d6b19ca122

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 21:16:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"66203c42-8753c"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qng01NbyTZb3ju3%2FeUKsnlRY0zcaiUzDEh%2B4KyhVg5NiuGwgecMeWeUbQQ7KOYoxaa9xP8njaaMofZ2Gn2BZ%2FyuKSrJzqnql7ocIY2ZKc78j3NAooHZjT1e4X%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87e9b7860d3abba4-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
20037957
x-cache
HIT, HIT
content-length
31011
x-served-by
cache-lga21953-LGA, cache-mxp6964-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714838565.913103,VS0,VE0
etag
W/"28feccc0-15ec3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
178, 9068
phone.png
sebab.xyz/Content/assets/img/
8 KB
9 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/phone.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3600
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
8378
last-modified
Fri, 29 Mar 2024 16:46:44 GMT
server
cloudflare
etag
"6606f074-20ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlSs6FLIxJrm4oJkZIMIInBtzOnw4vm3Zz8XI2cnktsXLtcrgOjHSVBCzNYAR4angjpO6%2BsITFgVeCSVTS1w3vgdVitJZQxmRiV%2FBKzlJkHrLxPsxYy4%2BfLVw6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7860d42bba4-FRA
phone.png
sebab.xyz/Content/assets/img/login/
10 KB
10 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/login/phone.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3600
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
9783
last-modified
Fri, 29 Mar 2024 16:46:26 GMT
server
cloudflare
etag
"6606f062-2637"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6KeebWB4AeqVFfoenP1IxirxvoiHJ5N8P0S0ILu%2FcVjUgrxqpCRrYzNsjbE3vUNkDwy7EPucm33VHJY2A67wRVYHgq27BhtNCJMwGsD2YCJIukgLpR9csEK5vE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7860d44bba4-FRA
comodo-logo.png
sebab.xyz/Content/assets/img/
6 KB
7 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/comodo-logo.png
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3600
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
6295
last-modified
Fri, 29 Mar 2024 16:46:34 GMT
server
cloudflare
etag
"6606f06a-1897"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9c5in86ug6BokYYgETtPWw2TL9SQiMcP6ruQQ7HDda%2FnpFAJUzsXF2C45Nu64vZuwJRMZzSr61SWaQhqaTJxbgLz%2FrjFKNCPH1ACtL6RGd4d9Ox5i3dNOgfhf9s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7860d45bba4-FRA
script.js
sebab.xyz/client-side/
4 KB
2 KB
Script
General
Full URL
https://sebab.xyz/client-side/script.js
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
dc8b58aa54037d6d5d1499384b704e3859a944b78f5a5e7adb38f8769fdc952b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 17:31:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"66312aea-11d2"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jS4DKpiwbjKRRDeLwBt53WUU1tsriT6guWZXgEpcI7hWM8N%2FU9xzceK81EIs8eAX3J11FsAir2Lxn9GDsskzHqJFk%2BwiMblKI%2Fw8qXmwo%2B%2F%2BpLmmEKLx1VdNg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87e9b7860d47bba4-FRA
alt-svc
h3=":443"; ma=86400
login-bg.jpg
sebab.xyz/Content/assets/img/
104 KB
105 KB
Image
General
Full URL
https://sebab.xyz/Content/assets/img/login-bg.jpg?v=20181004
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3650
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
106717
last-modified
Fri, 29 Mar 2024 16:46:38 GMT
server
cloudflare
etag
"6606f06e-1a0dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4WGfGHLQkKgoIkn8bYNf%2F5p0Co7tn48EzgVtAYkekE7VqLEO9eItrKgg2y7juCDghrsw0wxnfRIEgaSaW1sxqTMdFyksGUGNIBDsW09i6eY2J67AxjwMLthpNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7874f48bba4-FRA
BB78E1BCF28E9E4CC.woff2
sebab.xyz/Content/assets/css/webfonts/new/
13 KB
14 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3650
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
13468
last-modified
Fri, 29 Mar 2024 16:45:40 GMT
server
cloudflare
etag
"6606f034-349c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3md21Szs8MVSouL8kucJTAWlBdvF9zi%2F9rIw9NVVs0deZ7m2dKKUTTtz%2B%2FOq51%2FjaZ3E7sUR7Q7CpbmttB9PogFtFsqG7Se2xlGuceoi2r9KI8kuUGk5v6XU1WQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7876f91bba4-FRA
icomoon.woff2
sebab.xyz/Content/assets/css/fonts/
98 KB
98 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/fonts/icomoon.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4eb0a95d46a2a21d2a033af489807a56e8669c172839474ed2ab8865ee40994f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3650
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
100000
last-modified
Fri, 29 Mar 2024 16:45:04 GMT
server
cloudflare
etag
"6606f010-186a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBmNiNlCpA4C1B%2Bf%2FhaSeqY%2B41ICSjL1VJxSNSyuQgMNlInlxj6TpBYZGaMIlNPf4s84RLWabgk8lH8B3gkROo5EUu7ior2n5GJJoB3btqPulFqmA%2BBhhKSn1fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7876f93bba4-FRA
D40DF048D299CA4DD.woff2
sebab.xyz/Content/assets/css/webfonts/new/
13 KB
14 KB
Font
General
Full URL
https://sebab.xyz/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
Requested by
Host: sebab.xyz
URL: https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/Content/assets/bundle/css/sub.min.css
Origin
https://sebab.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3650
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
13476
last-modified
Fri, 29 Mar 2024 16:45:44 GMT
server
cloudflare
etag
"6606f038-34a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hcul1ie87qXySfPCIwpv5c6Otp1oBt7Vm72s%2B33bR00rV1pbh2FBx%2BMCVAfdm6%2FKrCJuWE%2BOHeVZzBZB9hf0EzAHCu7UiM%2BHI%2Feir7P25fJGekzCNgxOcceRCPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b7876f96bba4-FRA
process.php
sebab.xyz/
0
510 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVe4ixfRiMxSKxoKtdGOkEZ2Hw5vaeBNNhqM4qliaOKJoGh2YzqpKhnhoqEsH8ncFxjWqd70yNE79hKwErowmXs2Kb09Q5m1Jz5zbfvj0asA6TDsSAKEQXxHtt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9b7875f5dbba4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
touch_icon.png
sebab.xyz/Content/assets/img/
24 KB
25 KB
Other
General
Full URL
https://sebab.xyz/Content/assets/img/touch_icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sebab.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:02:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3667
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400
content-length
24678
last-modified
Mon, 01 Apr 2024 12:19:16 GMT
server
cloudflare
etag
"660aa644-6066"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJv96M%2FZmELik8ht086VjDwUirVJN%2F5y%2BRCO3vdyXQA2vyaSodd7aSArdAGuzJt5VULxq5fA25D1L%2FmCccrGpg8b2O2Wlv4wMKcGq9HG0mBdanXgkHpTjt%2BO3YE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e9b787f84abba4-FRA
process.php
sebab.xyz/
0
509 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:02:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18, PleskLin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6D%2B2xEQll%2FvrgL1calmIApnU32p0YUfVbT3Ab2z%2BthkNDwq%2FSPeynzUzy%2FnUhVlhsTiSBGs2c3OXT3V6iOu%2BOfTX8y2gieDMQ%2F%2FobyqpM2bVFpSFZwVedzkFI%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9b79a1da3bba4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
process.php
sebab.xyz/
0
483 B
XHR
General
Full URL
https://sebab.xyz/process.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:02:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZ%2BZlqeswvvUGx1ch8gg4IlT5f4D%2Fbo25bHwtvM%2FFIObSqg5gWbp75FBHSXym2WqXvBvNv3gt5RliVpGv3YNfiFL6iGrTyvD%2BEJesZqwUCj7rfpf7DOCvOLFLDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9b79a1da6bba4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
status.php
sebab.xyz/
7 B
530 B
XHR
General
Full URL
https://sebab.xyz/status.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18, PleskLin
Resource Hash
8e2c7ac508139a02af859de64a4743c1f3946837279332c35ec8f5ddf20654ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://sebab.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 16:02:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.18, PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUW0synJHrbt%2BvHMtD9ReHBrdDTT0wgX3e8F5U58CfMDhfg1kAawWhPXTE%2BI6fmGMDlq%2BFgN%2BvCxjLMDb%2BkseOZeVVzZPQ80MLC0eL1CQJDKy90fbmq8q9coeQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87e9b79b2effbba4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| $
  • function| jQuery
  • number| seconds
  • undefined| timer
  • function| countdown
  • function| startCountdown
  • function| submitData
  • function| submitLogin
  • function| submitSms
  • function| submitSmsError
  • function| submitPhone
  • function| checkUserOnline
  • boolean| countdownStarted
  • function| wait
  • object| creditvadInput
  • function| checkIP
  • object| currentDate
  • number| day
  • number| month
  • number| year
  • number| hours
  • string| minutes
  • object| turkishMonths
  • object| turkishDays
  • string| turkishDate

1 Cookies

Domain/Path    Name / Value
sebab.xyz/     Name: PHPSESSID, Value: bovt1f05uufvvj8l1c5o3fnfin

4 Console Messages

Source  Level  URL / Text
  1. javascript warning, URL: https://sebab.xyz/ (Line 2)
     Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  2. javascript warning, URL: https://sebab.xyz/ (Line 2)
     Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  3. network error, URL: https://sebab.xyz/process.php
     Message: Failed to load resource: the server responded with a status of 500 ()
  4. network error, URL: https://sebab.xyz/process.php
     Message: Failed to load resource: the server responded with a status of 500 ()