urlscan.io logo urlscan.io
SecurityTrails logo

discordsepeti.jethesap.net Open in urlscan Pro
78.135.82.192  Public Scan

Go To Rescan Add Verdict Report
URL: https://discordsepeti.jethesap.net/
Submission Tags: phishingrod
Submission: On August 20 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 78.135.82.192, located in Istanbul, Turkey and belongs to HOSTLAB, TR. The main domain is discordsepeti.jethesap.net.
TLS certificate: Issued by R3 on August 20th 2023. Valid for: 3 months.
This is the only time discordsepeti.jethesap.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 78.135.82.192 207326 (HOSTLAB)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 4
Apex Domain
Subdomains		 Transfer
2 jethesap.net
discordsepeti.jethesap.net
3 KB
1 wisecp.com
www.wisecp.com
313 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
877 B
1 qu.com.tr
qu.com.tr
10 KB
5 4
Domain Requested by
2 discordsepeti.jethesap.net discordsepeti.jethesap.net
1 www.wisecp.com qu.com.tr
1 fonts.googleapis.com discordsepeti.jethesap.net
1 qu.com.tr discordsepeti.jethesap.net
5 4

This site contains no links.

Subject Issuer Validity Valid
www.discordsepeti.jethesap.net
R3		 2023-08-20 -
2023-11-18		 3 months crt.sh
qu.com.tr
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
wisecp.com
E1		 2023-07-01 -
2023-09-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://discordsepeti.jethesap.net/
Frame ID: 35C29EF7C24A74E3C159EE5F928F132E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

License Issue

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

5
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

327 kB
Transfer

378 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
discordsepeti.jethesap.net/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://discordsepeti.jethesap.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.135.82.192 Istanbul, Turkey, ASN207326 (HOSTLAB, TR),
Reverse DNS
cpanel11.hostlab.net.tr
Software
LiteSpeed / PHP/7.2.34
Resource Hash
12abf27a9fafe6961bf31da8a4e31d9a4552fdfd484c3a903802d77af03d1c9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 20 Aug 2023 19:17:58 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
A.stylex.css+ionicons.min.css,Mcc.X0uJPA35d1.css.pagespeed.cf.4XsuPoNgG_.css
qu.com.tr/templates/system/css/ 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qu.com.tr/templates/system/css/A.stylex.css+ionicons.min.css,Mcc.X0uJPA35d1.css.pagespeed.cf.4XsuPoNgG_.css
Requested by
Host: discordsepeti.jethesap.net
URL: https://discordsepeti.jethesap.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab8150356b97ab83cd33417bb44f8e38d87021ada6d68650290d66edeb3ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discordsepeti.jethesap.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 19:17:58 GMT
content-encoding
br
cf-cache-status
MISS
x-original-content-length
60214
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-page-speed
1
last-modified
Sun, 20 Aug 2023 14:51:15 GMT
server
cloudflare
etag
W/"0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0lsVopBg%2FB8lZ45wiJbLg6OE0XbL8gM1vldS0fvJo%2FQVbVvEU3HeFa2X3hlx2jL5jHmglmYcz6IP4tCOpvbaHT4d%2F%2BGz%2FY%2FT3ki%2BIcZpSy%2FSAFuU4kKjpbsJIL0vbB8MLNOLC%2FB3i8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f9cfabfab7439e6-FRA
expires
Mon, 19 Aug 2024 14:51:15 GMT
css
fonts.googleapis.com/ 		3 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:200,400,600,700&subset=latin-ext
Requested by
Host: discordsepeti.jethesap.net
URL: https://discordsepeti.jethesap.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f59cba3fb5dff4c14e8e7d3cc7cad786bbeec5c83bf721d3c17f8819762a7ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discordsepeti.jethesap.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Aug 2023 19:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 20 Aug 2023 19:17:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Aug 2023 19:17:58 GMT
rocket-loader.min.js
discordsepeti.jethesap.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://discordsepeti.jethesap.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: discordsepeti.jethesap.net
URL: https://discordsepeti.jethesap.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.135.82.192 Istanbul, Turkey, ASN207326 (HOSTLAB, TR),
Reverse DNS
cpanel11.hostlab.net.tr
Software
LiteSpeed / PHP/7.2.34
Resource Hash
512d9621d430d5de11cecd5832144dc6ffaeca3a03e51b42c9748ee686e7c0a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discordsepeti.jethesap.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 19:17:59 GMT
content-encoding
gzip
server
LiteSpeed
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
slide26102019.jpg
www.wisecp.com/images/ 		312 KB
313 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wisecp.com/images/slide26102019.jpg
Requested by
Host: qu.com.tr
URL: https://qu.com.tr/templates/system/css/A.stylex.css+ionicons.min.css,Mcc.X0uJPA35d1.css.pagespeed.cf.4XsuPoNgG_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e730a1e14dfc04ea873ef54c012f3477a92dc8e631464d46dc7e6bd409b3ca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qu.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 19:17:58 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Aug 2022 10:57:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qx9PLEWQA9ObyA0G9Mk8HJvgFiZJ6OHPWPsbIIczBdWQdxx86qFYI0jk4pDRQO%2Fz9xnuXcNVzbNr6Jcj%2BiZZtxKs9hgsR%2F3ponhY%2BV1XPY3VbPeJHSCrhtet6euj%2F7CEBADPBGcoimcGIaeJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
https://requests.wisecp.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f9cfac088e42c6b-FRA
content-length
319756
expires
Sun, 27 Aug 2023 19:17:58 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies