sepetim7.tk
Open in
urlscan Pro
2606:4700:3031::6818:6d02
Malicious Activity!
Public Scan
Submission: On September 24 via manual from TR
Summary
This is the only time sepetim7.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2606:4700:303... 2606:4700:3031::6818:6d02 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 3 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
27 | 4 |
ASN32934 (FACEBOOK, US)
facebook.com | |
fbcdn.net | |
fbsbx.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
sepetim7.tk
sepetim7.tk |
1 MB |
3 |
fbcdn.net
static.xx.fbcdn.net Failed fbcdn.net |
62 KB |
1 |
fbsbx.com
fbsbx.com |
742 B |
1 |
facebook.com
1 redirects
facebook.com |
323 B |
27 | 4 |
Domain | Requested by | |
---|---|---|
12 | sepetim7.tk |
sepetim7.tk
|
2 | static.xx.fbcdn.net |
sepetim7.tk
|
1 | fbsbx.com |
sepetim7.tk
|
1 | fbcdn.net | 1 redirects |
1 | facebook.com | 1 redirects |
27 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
fbcdn.net DigiCert SHA2 High Assurance Server CA |
2020-08-18 - 2020-11-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://sepetim7.tk/bb/index1.php
Frame ID: 563F46B5DF0F546C0A510CA5C1088BAE
Requests: 27 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
index1.php
sepetim7.tk/bb/ |
125 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
sepetim7.tk/bb/css/ |
120 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
sepetim7.tk/bb/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
sepetim7.tk/bb/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.0.min.js
sepetim7.tk/bb/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
sepetim7.tk/bb/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lazysizes.min.js
sepetim7.tk/bb/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lazyload-ph.png
sepetim7.tk/bb/img/ |
930 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yq4mlV9zAVw.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DyFl8tytnIn.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ |
224 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
fbsbx.com/security/ Redirect Chain
|
43 B 742 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
uAcM-jLm61s.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
xDG5092i_a5.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1z-zpR2Cazi.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
8rE_wlI4SRg.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
sepetim7.tk/bb/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11.png
sepetim7.tk/bb/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
sepetim7.tk/bb/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.ttf
sepetim7.tk/bb/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/uAcM-jLm61s.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/xDG5092i_a5.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/1z-zpR2Cazi.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/8rE_wlI4SRg.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz
- Domain
- static.xx.fbcdn.net
- URL
- https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery function| envFlush object| Env boolean| DEFER_COOKIES number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice function| ProfilingCounters function| __bpe function| now_inl object| bigPipe object| lazySizesConfig object| lazySizes1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sepetim7.tk/ | Name: __cfduid Value: d0427afb5ea3fdcd34abc35f9f282ebc51600947491 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
fbcdn.net
fbsbx.com
sepetim7.tk
static.xx.fbcdn.net
static.xx.fbcdn.net
2606:4700:3031::6818:6d02
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44ac13e8ea5bf68529f5613669b2885de802e94ab8998229d33a87563f4d0151
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
67c04522f01714791b1c36840e5983d16f7aa1cf35900d550eaf2adab031f298
685eedd1d577a16908d94d5985a08b17208017faae40d6d4e5987a462cbd7342
758c7144681e6273a50fed540191d10974f633b8b3b31b08b47c12494995ff2e
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
91525011226c4b3afcc815ca58d4ef5841cf49db254104ff98bad1bb58481dad
92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc
9a278fd661172e9ab3f97c1519871c985aeef9ab31f8e54358340d8a533b0280
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
b5a140b410f118c68dc918c10e68398bc8f35ccdd96cbed2d20ecadda5ef0eb5
e1088c6813574a256ff3d7c460c4aaf625b1ee163179c6cf7ebaca3a6c9d5b98