lg-verify-acaunt.ml
2606:4700:3033::ac43:985e Malicious Activity! Public Scan

Submitted URL: https://lg-verify-acaunt.ml/
Effective URL: https://lg-verify-acaunt.ml/login.php
Submission: On December 28 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::ac43:985e, located in United States and belongs to CLOUDFLARENET, US. The main domain is lg-verify-acaunt.ml.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 28th 2020. Valid for: a year.
This is the only time lg-verify-acaunt.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
5         2606:4700:303...    13335 (CLOUDFLAR...)
2         168.119.145.176     24940 (HETZNER-AS)
2         2606:4700::68...    13335 (CLOUDFLAR...)
1         2a01:4f8:151:...    24940 (HETZNER-AS)
2         2001:4de0:ac1...    20446 (HIGHWINDS3)
Total: 13 requests, 6 IPs
Requests  Domain                        Requested by
5         lg-verify-acaunt.ml           lg-verify-acaunt.ml
2         ajax.cloudflare.com           lg-verify-acaunt.ml
2         i.imgyukle.com                lg-verify-acaunt.ml
1         code.jquery.com               ajax.cloudflare.com
1         stackpath.bootstrapcdn.com    lg-verify-acaunt.ml
1         ir.sitekodlari.com            ajax.cloudflare.com
0         ir1.sitekodlari.com (Failed)  ajax.cloudflare.com
Total: 13 requests, 7 domains

This site contains no links.

Subject                  Issuer                                          Validity                  Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2020-12-28 - 2021-12-27   a year
imgyukle.com             R3                                              2020-12-05 - 2021-03-05   3 months
ajax.cloudflare.com      DigiCert ECC Secure Server CA                   2020-08-11 - 2022-08-16   2 years
ir.sitekodlari.com       R3                                              2020-12-07 - 2021-03-07   3 months
*.bootstrapcdn.com       Sectigo RSA Domain Validation Secure Server CA  2020-09-22 - 2021-10-12   a year
jquery.org               Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16   a year

This page contains 1 frames:

Primary Page: https://lg-verify-acaunt.ml/login.php
Frame ID: C2B859BA1DE428CFFCBA744517AD0A0E
Requests: 13 HTTP requests in this frame


Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lg-verify-acaunt.ml/ Page URL
  2. https://lg-verify-acaunt.ml/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 80 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 199 kB
Size: 297 kB
Cookies: 2


Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

/ | lg-verify-acaunt.ml/ | 2 KB | 1 KB | Document

General
Full URL
https://lg-verify-acaunt.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:985e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
028b80e458d14e6133c4c0dd79cb832e7f2e9d4a3f02b67e01e1edf132a33003

Request headers

:method
GET
:authority
lg-verify-acaunt.ml
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:03 GMT
content-type
text/html
set-cookie
__cfduid=d015ff1347167330fb10de8f90f8fddf91609195862; expires=Wed, 27-Jan-21 22:51:02 GMT; path=/; domain=.lg-verify-acaunt.ml; HttpOnly; SameSite=Lax; Secure ARRAffinity=7440c77fb9070c689603bd1cb1046a5b6d1fe48b1a29fac627939c5498ebe8d4;Path=/;Domain=lg-verify-acaunt.ml
last-modified
Mon, 28 Dec 2020 22:47:36 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
074d2553be0000dfb7f7950000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q9BIjz5k7StBe45QpJJZoxzkJ9azZ5bCHgePMdJ57kAChzUbwxMq6cq7DtBmAzBkaaN8QBMhDTx7nIPtHc8yrL%2FKdJinAzktPajnLijeVdxesMg2Mpynr1PF3aqwNtMY"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ed7ff98addfb7-FRA
content-encoding
br
SHNOWo.png | i.imgyukle.com/2020/07/17/ | 3 KB | 4 KB | Image

General
Full URL
https://i.imgyukle.com/2020/07/17/SHNOWo.png
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.145.176 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.145.119.168.clients.your-server.de
Software
nginx / PleskLin
Resource Hash
e0bd957ccfef739d618b4e1a8ac1c2b19f90037065cee1641427e705ef1debad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lg-verify-acaunt.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:03 GMT
referrer-policy
origin
last-modified
Fri, 17 Jul 2020 10:53:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f11830c-dee"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
content-length
3566
x-content-type-options
nosniff
SHN2fR.png | i.imgyukle.com/2020/07/17/ | 3 KB | 3 KB | Image

General
Full URL
https://i.imgyukle.com/2020/07/17/SHN2fR.png
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.145.176 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.145.119.168.clients.your-server.de
Software
nginx / PleskLin
Resource Hash
735f7ebf6e827db314649423976c7d3d2f8c19e286e95106a19cf6ff69389ff1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lg-verify-acaunt.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:03 GMT
referrer-policy
origin
last-modified
Fri, 17 Jul 2020 10:54:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f118348-ab8"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
content-length
2744
x-content-type-options
nosniff
rocket-loader.min.js | ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ | 12 KB | 5 KB | Script

General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lg-verify-acaunt.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
074d25561100006347701db000000001
last-modified
Thu, 17 Dec 2020 18:39:38 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fdba5ea-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k3hOUct%2Bo0uv71qsKZmQA2T6f3Yx22rPaosQpp6gllM%2FI%2FICszkzeItQK3Sjd1SnvOXhPf7773K4pwSb747StKPTz6xpvE3f%2BzTjTVBFtdkdPhMO3weyJjCRdPV1TmWm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
608ed8034cd26347-FRA
expires
Wed, 30 Dec 2020 22:51:03 GMT
sagtusengelleme1.js | ir.sitekodlari.com/ | 99 B | 277 B | Script

General
Full URL
https://ir.sitekodlari.com/sagtusengelleme1.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e2d39b0d1a837645fe4d41ed4d67e4e8ef4b753c550ab4e6c45642e3d56589be

Request headers

Referer
https://lg-verify-acaunt.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:03 GMT
etag
"63-59f096a8d57b9"
last-modified
Thu, 20 Feb 2020 22:27:54 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
99
se1.php | ir1.sitekodlari.com/ | 0 | 0 | (failed, no response received)

Primary Request: login.php | lg-verify-acaunt.ml/ | 9 KB | 3 KB | Document

General
Full URL
https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:985e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.38 ASP.NET
Resource Hash
327e73564b60ea2d3122db13eba3a07abf9f122bb76763150077190860b9a187

Request headers

:method
GET
:authority
lg-verify-acaunt.ml
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lg-verify-acaunt.ml/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d015ff1347167330fb10de8f90f8fddf91609195862; ARRAffinity=7440c77fb9070c689603bd1cb1046a5b6d1fe48b1a29fac627939c5498ebe8d4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://lg-verify-acaunt.ml/

Response headers

date
Mon, 28 Dec 2020 22:51:09 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/5.6.38 ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
074d256a200000dfb7dcbbb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ItP6dnokPrmRB8UtdCdynHu387TrCxHP%2FG6xoPRCqlx0iv2FGrkiA9OVw%2B6LLPO5BBe9zxsc2vY5JCgByoFMbtt4RB%2BqZsiPDEJCZqiM8aNiplomdmoqolf6MfD7S0H%2F"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ed8236ebedfb7-FRA
content-encoding
br
font-awesome.min.css | stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet

General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
xq1.png | lg-verify-acaunt.ml/resim/ | 113 KB | 114 KB | Image

General
Full URL
https://lg-verify-acaunt.ml/resim/xq1.png
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:985e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9b71c4347aeb8f5775ae8d7df6a6b4d690d639b8f0574a9378879da79209a0d5

Request headers

Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:10 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
115977
cf-request-id
074d256c600000dfb790b75000000001
last-modified
Mon, 28 Dec 2020 22:47:45 GMT
server
cloudflare
etag
"21e322756bddd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Pe7JTRcrhiAa6QKxReoqIH7HqRIvlm1yFV2KNXSFIuMJ4VV3aHCxHNdVXSAVclFHSwEP0Ldzrb%2BBUC5w%2Ftcb7%2BLTpQ1OPtNfCSmVNIG0ANDrkbfya2g96dPwooIH4JC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
608ed826fc1adfb7-FRA
app.png | lg-verify-acaunt.ml/resim/ | 8 KB | 8 KB | Image

General
Full URL
https://lg-verify-acaunt.ml/resim/app.png
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:985e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7490b765baed1bde18bf2e63e947474acebdd28ab5bd08bbedf32717edc48aa9

Request headers

Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
8005
cf-request-id
074d256c600000dfb782054000000001
last-modified
Mon, 28 Dec 2020 22:47:40 GMT
server
cloudflare
etag
"592db2726bddd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ri9%2BHfDFYIcAHY9DTznbwii%2FkniUq6r0i0tuX98o7pvukocu%2F1k7jwBEpBQQVBakT%2Fx3NiG8%2FZ0raNqtg5VZI%2BQNVzh%2F9qX1KRnQhwZ1ySVghqzX%2FDOq2ewxaUwKQZFB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
608ed8270c1ddfb7-FRA
EmirFrom.png | lg-verify-acaunt.ml/resim/ | 19 KB | 19 KB | Image

General
Full URL
https://lg-verify-acaunt.ml/resim/EmirFrom.png
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:985e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4371cb561526ebbcebdd5c4ee856b402807f68cf02b049bdb281a1c7fb9f72c8

Request headers

Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
19494
cf-request-id
074d256c600000dfb7d839d000000001
last-modified
Mon, 28 Dec 2020 22:47:41 GMT
server
cloudflare
etag
"b88c30736bddd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k4%2BhwEvdYMNJcS3ghc9eSxdwUu6MDeJATJDNcLE5ARwALOyl2eeyMGT08NnJAXJ%2B22m%2Fux%2FrBqgUOm58C8X4m%2Bot0eq0uznbEtbjMkEar2ZHE%2BoDaHOGilkeAbAsxbkQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
608ed8270c1edfb7-FRA
rocket-loader.min.js | ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ | 12 KB | 4 KB | Script

General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: lg-verify-acaunt.ml
URL: https://lg-verify-acaunt.ml/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
074d256c600000634771aad000000001
last-modified
Thu, 17 Dec 2020 18:39:38 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fdba5ea-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=08am9SGxt0IeXNi8hutSZPSCNgGKA%2BZieSyAJozpNcw7%2BgHfLZyiBsvCElhEZR8f14k6GEXU6qqCuxE4ir96ZkXf2LMvf4yFsrvwP331OoOwAZvFnBl7omBwH0CHe%2BKJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
608ed826fcf86347-FRA
expires
Wed, 30 Dec 2020 22:51:09 GMT
jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script

General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://lg-verify-acaunt.ml
Referer
https://lg-verify-acaunt.ml/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:51:10 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1609195870.dop212.fr8.t,1609195870.cds224.fr8.hn,1609195870.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ir1.sitekodlari.com
URL
http://ir1.sitekodlari.com/se1.php

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
object    trustedTypes
boolean   crossOriginIsolated
object    __cfQR
function  $
function  jQuery
boolean   __cfRLUnblockHandlers

2 Cookies

Domain/Path              Name          Value
.lg-verify-acaunt.ml/    ARRAffinity   7440c77fb9070c689603bd1cb1046a5b6d1fe48b1a29fac627939c5498ebe8d4
.lg-verify-acaunt.ml/    __cfduid      d015ff1347167330fb10de8f90f8fddf91609195862