sepetim7.tk Open in urlscan Pro
2606:4700:3031::6818:6d02 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sepetim7.tk/bb/index1.php
Submission: On September 24 via manual (September 24th 2020, 11:38:28 am UTC) from TR

Summary HTTP 27 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::6818:6d02, located in United States and belongs to CLOUDFLARENET, US. The main domain is sepetim7.tk.

This is the only time sepetim7.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3031::6818:6d02		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3		32934 (FACEBOOK) (FACEBOOK)
2 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de		32934 (FACEBOOK) (FACEBOOK)
27	4

12 2606:4700:3031::6818:6d02 (United States)

ASN13335 (CLOUDFLARENET, US)

sepetim7.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK, US)

facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	sepetim7.tk sepetim7.tk	1 MB
3	fbcdn.net static.xx.fbcdn.net Failed fbcdn.net	62 KB
1	fbsbx.com fbsbx.com	742 B
1	facebook.com 1 redirects facebook.com	323 B
27	4

	Domain	Requested by
12	sepetim7.tk	sepetim7.tk
2	static.xx.fbcdn.net	sepetim7.tk
1	fbsbx.com	sepetim7.tk
1	fbcdn.net	1 redirects
1	facebook.com	1 redirects
27	5

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-08-18` - `2020-11-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://sepetim7.tk/bb/index1.php
Frame ID: 563F46B5DF0F546C0A510CA5C1088BAE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

11 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1344 kB
Transfer

1825 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
https://fbsbx.com/security/hsts-pixel.gif

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set index1.php Show response
sepetim7.tk/bb/ 125 KB
32 KB 147ms
124ms Document
text/html 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.30
Resource Hash: 758c7144681e6273a50fed540191d10974f633b8b3b31b08b47c12494995ff2e

Request headers

Host: sepetim7.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0427afb5ea3fdcd34abc35f9f282ebc51600947491; expires=Sat, 24-Oct-20 11:38:11 GMT; path=/; domain=.sepetim7.tk; HttpOnly; SameSite=Lax
X-Powered-By: PHP/5.6.30
CF-Cache-Status: DYNAMIC
cf-request-id: 056181292800002ba1b0b6c200000001
Server: cloudflare
CF-RAY: 5d7c37bb7bb42ba1-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.min.css
sepetim7.tk/bb/css/ 120 KB
20 KB 382ms
371ms Stylesheet
text/css 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/css/bootstrap.min.css
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:24:50 GMT
Server: cloudflare
ETag: W/"1deb0-5ab369a5e5029"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bc6ee0dffb-FRA
cf-request-id: 05618129be0000dffb339e2200000001

GET
H/1.1 200
OK style.css
sepetim7.tk/bb/ 11 KB
3 KB 224ms
213ms Stylesheet
text/css 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/style.css
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ac13e8ea5bf68529f5613669b2885de802e94ab8998229d33a87563f4d0151

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:24:49 GMT
Server: cloudflare
ETag: W/"2a9b-5ab369a522c57"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bc6dc6bece-FRA
cf-request-id: 05618129be0000bece9e922200000001

GET
H/1.1 200
OK font-awesome.min.css
sepetim7.tk/bb/css/ 30 KB
7 KB 311ms
300ms Stylesheet
text/css 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c04522f01714791b1c36840e5983d16f7aa1cf35900d550eaf2adab031f298

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:24:50 GMT
Server: cloudflare
ETag: W/"78d2-5ab369a61e239"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bc6f596467-FRA
cf-request-id: 05618129bf00006467e42df200000001

GET
H/1.1 200
OK jquery-2.1.0.min.js Show response
sepetim7.tk/bb/js/ 82 KB
29 KB 338ms
327ms Script
application/javascript 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/js/jquery-2.1.0.min.js
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a140b410f118c68dc918c10e68398bc8f35ccdd96cbed2d20ecadda5ef0eb5

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:25:13 GMT
Server: cloudflare
ETag: W/"146a1-5ab369bbf8f91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bc6991d6b1-FRA
cf-request-id: 05618129c00000d6b1cd2c1200000001

GET
H/1.1 200
OK bootstrap.min.js Show response
sepetim7.tk/bb/js/ 36 KB
10 KB 271ms
261ms Script
application/javascript 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/js/bootstrap.min.js
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:25:12 GMT
Server: cloudflare
ETag: W/"8fd6-5ab369bba1601"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bc6bde2b4d-FRA
cf-request-id: 05618129c100002b4daa171200000001

GET
H/1.1 200
OK lazysizes.min.js Show response
sepetim7.tk/bb/js/ 6 KB
3 KB 394ms
173ms Script
application/javascript 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/js/lazysizes.min.js
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:25:12 GMT
Server: cloudflare
ETag: W/"1966-5ab369bbc7761"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bdbecabece-FRA
cf-request-id: 0561812a950000bece9e930200000001

GET
H/1.1 200
OK lazyload-ph.png
sepetim7.tk/bb/img/ 930 B
1 KB 158ms
112ms Image
image/png 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sepetim7.tk/bb/img/lazyload-ph.png
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1088c6813574a256ff3d7c460c4aaf625b1ee163179c6cf7ebaca3a6c9d5b98

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:24:50 GMT
Server: cloudflare
ETag: "3a2-5ab369a688c7a"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5d7c37be0af32ba1-FRA
Content-Length: 930
cf-request-id: 0561812ac100002ba1b0b98200000001

GET 9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ 0
0

GET
H2 200 Yq4mlV9zAVw.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ 14 KB
3 KB 41ms
39ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/Yq4mlV9zAVw.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

91525011226c4b3afcc815ca58d4ef5841cf49db254104ff98bad1bb58481dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://sepetim7.tk
Referer: http://sepetim7.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ppiw/CUxtDXotx6WG0yWjA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 3173
x-fb-debug: /DG8YTLk5rC3rGm9wVKuuKVQuO8ecjgxtDsRFJ1KD1Zansca5LIbuSax3SY/3mAkE52IlP+kAQuLe4auu6aSpg==
x-fb-trip-id: 664085054
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 24 Sep 2021 11:38:11 GMT

GET
H2 200 DyFl8tytnIn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ 224 KB
58 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/DyFl8tytnIn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

9a278fd661172e9ab3f97c1519871c985aeef9ab31f8e54358340d8a533b0280

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://sepetim7.tk
Referer: http://sepetim7.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UfOYkAqPy5GNVooqZD96Gg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58946
x-fb-debug: mhu3x5myxYh4HcL9WbbWFuI29B3vcEb36ud++2Lr+HsIxuhCPvewM05PDNQxtYz7mlGfq8UHNnhtEwA6h/yTlw==
x-fb-trip-id: 664085054
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 24 Sep 2021 08:43:09 GMT

GET
H2

200

hsts-pixel.gif
fbsbx.com/security/
Redirect Chain

https://facebook.com/security/hsts-pixel.gif?c=3.2
https://fbcdn.net/security/hsts-pixel.gif?c=2
https://fbsbx.com/security/hsts-pixel.gif

43 B
742 B

38ms
37ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fbsbx.com/security/hsts-pixel.gif

Requested by

Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://sepetim7.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: LP71/IeeB7f/J1HI/A9euMWx57d5B3bGRQXmIhpuB2nrS+djoGx77mQ3W52Jp5jL67wMO6Cp961RPj7CzaBorA==
x-frame-options: DENY
date: Thu, 24 Sep 2020 11:38:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

x-fb-debug: fCiuBxdCyx2lDL/erDJtBUoda9NJf7mJY1Jnoyf3a3F0bQFGxfKEBDrmVt550AqEbagsll3Z8GGKy4N1wWhMyg==
status: 302
date: Thu, 24 Sep 2020 11:38:11 GMT
location: https://fbsbx.com/security/hsts-pixel.gif
content-type: text/html; charset="utf-8"
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET 07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ 0
0

GET F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/ 0
0

GET vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ 0
0

GET uAcM-jLm61s.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ 0
0

GET xDG5092i_a5.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ 0
0

GET 1z-zpR2Cazi.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ 0
0

GET 8rE_wlI4SRg.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ 0
0

GET
H/1.1 404
Not Found fontawesome-webfont.woff2
sepetim7.tk/bb/fonts/ 0
0 116ms
115ms Font
text/html 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/fonts/fontawesome-webfont.woff2
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: http://sepetim7.tk
Referer: http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: accept-language,accept-charset, Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37beffc0bece-FRA
cf-request-id: 0561812b5e0000bece9e943200000001

GET 9eQbYTe1LY-.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ 0
0

GET 07jaU74bbvp.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ 0
0

GET vltR5wNzE_8.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ 0
0

GET F-8K1hS2X1t.js
static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/ 0
0

GET
H/1.1 200
OK 11.png
sepetim7.tk/bb/ 1 MB
1 MB 350ms
350ms Image
image/png 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sepetim7.tk/bb/11.png
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/index1.php
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685eedd1d577a16908d94d5985a08b17208017faae40d6d4e5987a462cbd7342

Request headers

Referer: http://sepetim7.tk/bb/index1.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:12 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Jul 2020 21:24:48 GMT
Server: cloudflare
ETag: "125dfd-5ab369a43a726"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5d7c37bf4df6dffb-FRA
Content-Length: 1203709
cf-request-id: 0561812b8a0000dffb33a46200000001

GET
H/1.1 404
Not Found fontawesome-webfont.woff
sepetim7.tk/bb/fonts/ 0
0 113ms
112ms Font
text/html 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/fonts/fontawesome-webfont.woff
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: http://sepetim7.tk
Referer: http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: accept-language,accept-charset, Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37bfb86abece-FRA
cf-request-id: 0561812bd40000bece9e94c200000001

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
sepetim7.tk/bb/fonts/ 0
0 107ms
107ms Font
text/html 2606:4700:3031::6818:6d02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sepetim7.tk/bb/fonts/fontawesome-webfont.ttf
Requested by: Host: sepetim7.tk
URL: http://sepetim7.tk/bb/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::6818:6d02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: http://sepetim7.tk
Referer: http://sepetim7.tk/bb/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 11:38:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: accept-language,accept-charset, Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c37c078eebece-FRA
cf-request-id: 0561812c470000bece9e951200000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/uAcM-jLm61s.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/xDG5092i_a5.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/1z-zpR2Cazi.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/8rE_wlI4SRg.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/9eQbYTe1LY-.css?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/07jaU74bbvp.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/vltR5wNzE_8.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i_fH4/yl/l/tr_TR/F-8K1hS2X1t.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| envFlush object| Env boolean| DEFER_COOKIES number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice function| ProfilingCounters function| __bpe function| now_inl object| bigPipe object| lazySizesConfig object| lazySizes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sepetim7.tk/	1970-01-19 13:25:39	Name: __cfduid Value: d0427afb5ea3fdcd34abc35f9f282ebc51600947491

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
fbcdn.net
fbsbx.com
sepetim7.tk
static.xx.fbcdn.net
static.xx.fbcdn.net
2606:4700:3031::6818:6d02
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44ac13e8ea5bf68529f5613669b2885de802e94ab8998229d33a87563f4d0151
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
67c04522f01714791b1c36840e5983d16f7aa1cf35900d550eaf2adab031f298
685eedd1d577a16908d94d5985a08b17208017faae40d6d4e5987a462cbd7342
758c7144681e6273a50fed540191d10974f633b8b3b31b08b47c12494995ff2e
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
91525011226c4b3afcc815ca58d4ef5841cf49db254104ff98bad1bb58481dad
92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc
9a278fd661172e9ab3f97c1519871c985aeef9ab31f8e54358340d8a533b0280
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
b5a140b410f118c68dc918c10e68398bc8f35ccdd96cbed2d20ecadda5ef0eb5
e1088c6813574a256ff3d7c460c4aaf625b1ee163179c6cf7ebaca3a6c9d5b98