sepetim7.tk
2606:4700:3031::6818:6d02  Malicious Activity! Public Scan

URL: http://sepetim7.tk/bb/index1.php
Submission: On September 24 via manual from TR

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::6818:6d02, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is sepetim7.tk.
This is the only time sepetim7.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

# | IP Address | AS (Autonomous System)
12 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2a03:2880:f01... | 32934 (FACEBOOK)
2 3 | 2a03:2880:f11... | 32934 (FACEBOOK)
27 | 4

# | Apex Domain (Subdomains) | Transfer
12 | sepetim7.tk (sepetim7.tk) | 1 MB
3 | fbcdn.net (static.xx.fbcdn.net [Failed]; fbcdn.net) | 61 KB
1 | fbsbx.com (fbsbx.com) | 160 B
1 | facebook.com (facebook.com) | 129 B
27 | 4

# | Domain | Requested by
12 | sepetim7.tk | sepetim7.tk
2 | static.xx.fbcdn.net | sepetim7.tk
1 | fbsbx.com | sepetim7.tk
1 | fbcdn.net | 1 redirects
1 | facebook.com | 1 redirects
27 | 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-09-11 - 2020-12-10 | 3 months
fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2020-08-18 - 2020-11-16 | 3 months

This page contains 1 frame:

Primary Page: http://sepetim7.tk/bb/index1.php
Frame ID: 28974EE596B75B0FAD88EA82A687477E
Requests: 27 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 27
HTTPS: 11 %
IPv6: 100 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 1343 kB
Size: 1825 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
  • https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
  • https://fbsbx.com/security/hsts-pixel.gif

27 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request, Cookie set
index1.php
sepetim7.tk/bb/
125 KB
32 KB
Document
General
Full URL
http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.30
Resource Hash
758c7144681e6273a50fed540191d10974f633b8b3b31b08b47c12494995ff2e

Request headers

Host
sepetim7.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8c79067a743f80acf5a75ea30d4680631600947555; expires=Sat, 24-Oct-20 11:39:15 GMT; path=/; domain=.sepetim7.tk; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.6.30
CF-Cache-Status
DYNAMIC
cf-request-id
05618224d60000dffb3392b200000001
Server
cloudflare
CF-RAY
5d7c394e2fb1dffb-FRA
Content-Encoding
gzip
bootstrap.min.css
sepetim7.tk/bb/css/
120 KB
20 KB
Stylesheet
General
Full URL
http://sepetim7.tk/bb/css/bootstrap.min.css
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:24:50 GMT
Server
cloudflare
Age
64
ETag
W/"1deb0-5ab369a5e5029"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f0b06bece-FRA
cf-request-id
05618225600000bece9ea6b200000001
style.css
sepetim7.tk/bb/
11 KB
3 KB
Stylesheet
General
Full URL
http://sepetim7.tk/bb/style.css
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ac13e8ea5bf68529f5613669b2885de802e94ab8998229d33a87563f4d0151

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:24:49 GMT
Server
cloudflare
Age
64
ETag
W/"2a9b-5ab369a522c57"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f0e272ba1-FRA
cf-request-id
056182256100002ba1b0b98200000001
font-awesome.min.css
sepetim7.tk/bb/css/
30 KB
7 KB
Stylesheet
General
Full URL
http://sepetim7.tk/bb/css/font-awesome.min.css
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c04522f01714791b1c36840e5983d16f7aa1cf35900d550eaf2adab031f298

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:24:50 GMT
Server
cloudflare
Age
64
ETag
W/"78d2-5ab369a61e239"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f0bb6d6b1-FRA
cf-request-id
05618225620000d6b1cd370200000001
jquery-2.1.0.min.js
sepetim7.tk/bb/js/
82 KB
29 KB
Script
General
Full URL
http://sepetim7.tk/bb/js/jquery-2.1.0.min.js
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a140b410f118c68dc918c10e68398bc8f35ccdd96cbed2d20ecadda5ef0eb5

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:25:13 GMT
Server
cloudflare
Age
64
ETag
W/"146a1-5ab369bbf8f91"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f08d16467-FRA
cf-request-id
056182256100006467e406b200000001
bootstrap.min.js
sepetim7.tk/bb/js/
36 KB
10 KB
Script
General
Full URL
http://sepetim7.tk/bb/js/bootstrap.min.js
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:25:12 GMT
Server
cloudflare
Age
64
ETag
W/"8fd6-5ab369bba1601"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f0f272b4d-FRA
cf-request-id
056182256100002b4daa1f4200000001
lazysizes.min.js
sepetim7.tk/bb/js/
6 KB
3 KB
Script
General
Full URL
http://sepetim7.tk/bb/js/lazysizes.min.js
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:25:12 GMT
Server
cloudflare
Age
64
ETag
W/"1966-5ab369bbc7761"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f1f7c2b4d-FRA
cf-request-id
056182257200002b4daa1f5200000001
lazyload-ph.png
sepetim7.tk/bb/img/
930 B
1 KB
Image
General
Full URL
http://sepetim7.tk/bb/img/lazyload-ph.png
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1088c6813574a256ff3d7c460c4aaf625b1ee163179c6cf7ebaca3a6c9d5b98

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:24:50 GMT
Server
cloudflare
Age
64
ETag
"3a2-5ab369a688c7a"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5d7c394f28e46467-FRA
Content-Length
930
cf-request-id
056182257400006467e406c200000001
9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/
0
0

fontawesome-webfont.woff2
sepetim7.tk/bb/fonts/
0
0
Font
General
Full URL
http://sepetim7.tk/bb/fonts/fontawesome-webfont.woff2
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://sepetim7.tk
Referer
http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
64
Vary
accept-language,accept-charset, Accept-Encoding
Content-Language
en
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f482f2b4d-FRA
cf-request-id
056182259000002b4daa1f9200000001
fontawesome-webfont.woff
sepetim7.tk/bb/fonts/
0
0
Font
General
Full URL
http://sepetim7.tk/bb/fonts/fontawesome-webfont.woff
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://sepetim7.tk
Referer
http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
64
Vary
accept-language,accept-charset, Accept-Encoding
Content-Language
en
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f68612b4d-FRA
cf-request-id
056182259d00002b4daa1fa200000001
Yq4mlV9zAVw.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/
14 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/Yq4mlV9zAVw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91525011226c4b3afcc815ca58d4ef5841cf49db254104ff98bad1bb58481dad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://sepetim7.tk
Referer
http://sepetim7.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 11:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ppiw/CUxtDXotx6WG0yWjA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
3173
x-fb-debug
/DG8YTLk5rC3rGm9wVKuuKVQuO8ecjgxtDsRFJ1KD1Zansca5LIbuSax3SY/3mAkE52IlP+kAQuLe4auu6aSpg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 24 Sep 2021 11:38:11 GMT
DyFl8tytnIn.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/
224 KB
58 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/DyFl8tytnIn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a278fd661172e9ab3f97c1519871c985aeef9ab31f8e54358340d8a533b0280
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://sepetim7.tk
Referer
http://sepetim7.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 11:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UfOYkAqPy5GNVooqZD96Gg==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
58946
x-fb-debug
mhu3x5myxYh4HcL9WbbWFuI29B3vcEb36ud++2Lr+HsIxuhCPvewM05PDNQxtYz7mlGfq8UHNnhtEwA6h/yTlw==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 24 Sep 2021 08:43:09 GMT
fontawesome-webfont.ttf
sepetim7.tk/bb/fonts/
0
0
Font
General
Full URL
http://sepetim7.tk/bb/fonts/fontawesome-webfont.ttf
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://sepetim7.tk
Referer
http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
63
Vary
accept-language,accept-charset, Accept-Encoding
Content-Language
en
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d7c394f789c2b4d-FRA
cf-request-id
05618225aa00002b4daa1fb200000001
hsts-pixel.gif
fbsbx.com/security/
Redirect Chain
  • https://facebook.com/security/hsts-pixel.gif?c=3.2
  • https://fbcdn.net/security/hsts-pixel.gif?c=2
  • https://fbsbx.com/security/hsts-pixel.gif
43 B
160 B
Image
General
Full URL
https://fbsbx.com/security/hsts-pixel.gif
Requested by
Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://sepetim7.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
z82p6+3HMslWtneQfBttVeN3Fvzfq1cMvCNIevxEdeyi56PFlfK+qSntVmf+tKJ+3IrHb9Up5xOW1nRRlo1SWw==
x-frame-options
DENY
date
Thu, 24 Sep 2020 11:39:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

x-fb-debug
za+ysjmZlSnY67T16acylY+wUILHleRWBuNSFEg5+go4inuw3G35X4EWVMqD3ZsguuAR55eDc8c+H2F6+VUQyA==
status
302
date
Thu, 24 Sep 2020 11:39:15 GMT
location
https://fbsbx.com/security/hsts-pixel.gif
content-type
text/html; charset="utf-8"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload; includeSubDomains
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
0
0

F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/
0
0

vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/
0
0

9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/
0
0

07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
0
0

vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/
0
0

uAcM-jLm61s.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/
0
0

xDG5092i_a5.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
0
0

F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/
0
0

1z-zpR2Cazi.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/
0
0

8rE_wlI4SRg.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/
0
0

11.png
sepetim7.tk/bb/
1 MB
1 MB
Image
General
Full URL
http://sepetim7.tk/bb/11.png
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685eedd1d577a16908d94d5985a08b17208017faae40d6d4e5987a462cbd7342

Request headers

Referer
http://sepetim7.tk/bb/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 11:39:15 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 24 Jul 2020 21:24:48 GMT
Server
cloudflare
Age
64
ETag
"125dfd-5ab369a43a726"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5d7c3950ae65dffb-FRA
Content-Length
1203709
cf-request-id
05618226680000dffb33957200000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/uAcM-jLm61s.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/xDG5092i_a5.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/1z-zpR2Cazi.js?_nc_x=Ij3Wp8lg5Kz
static.xx.fbcdn.net | https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/8rE_wlI4SRg.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| envFlush object| Env boolean| DEFER_COOKIES number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice function| ProfilingCounters function| __bpe function| now_inl object| bigPipe object| lazySizesConfig object| lazySizes

1 Cookies

Domain/Path | Name | Value
.sepetim7.tk/ | __cfduid | d8c79067a743f80acf5a75ea30d4680631600947555