lg-badgesupport.ml - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3030::ac43:d580, located in United States and belongs to CLOUDFLARENET, US. The main domain is lg-badgesupport.ml.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 25th 2020. Valid for: a year.

This is the only time lg-badgesupport.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:d580	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4f8:151:... 2a01:4f8:151:6117::2	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:303... 2606:4700:3035::6818:6e7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	4

1 2606:4700:3030::ac43:d580 (United States)

ASN13335 (CLOUDFLARENET, US)

lg-badgesupport.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:151:6117::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ir.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6818:6e7f (United States)

ASN13335 (CLOUDFLARENET, US)

resimag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	resimag.com resimag.com	34 KB
1	sitekodlari.com ir.sitekodlari.com ir1.sitekodlari.com Failed	277 B
1	lg-badgesupport.ml lg-badgesupport.ml	2 KB
6	3

	Domain	Requested by
3	resimag.com	lg-badgesupport.ml
1	ir.sitekodlari.com	lg-badgesupport.ml
1	lg-badgesupport.ml
0	ir1.sitekodlari.com Failed	ir.sitekodlari.com
6	4

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
www.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-25` - `2021-10-24`	a year	crt.sh
ir.sitekodlari.com Let's Encrypt Authority X3	`2020-10-08` - `2021-01-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lg-badgesupport.ml/
Frame ID: CF82D407EEE4813DD7B17401A443B579
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

6
Requests

83 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

37 kB
Transfer

37 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/developer/instagram-inc/id389801255
Title:

Search URL Search Domain Scan URL

URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://play.google.com/store/apps/details%3Fid%3Dcom.instagram.android%26hl%3Dtr%26gl%3DUS%26referrer%3Dutm_source%253Dgoogle%2526utm_medium%253Dorganic%2526utm_term%253Dplay%2Bgoogle%2Bi%25CC%2587nstagram&ved=2ahUKEwjH27a4vMDsAhXSlIsKHU7OCjsQFjAAegQIAhAB&usg=AOvVaw1a-5VhaloBgUwhF8vknAJm
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lg-badgesupport.ml/ 4 KB
2 KB 541ms
519ms Document
text/html 2606:4700:3030::ac43:d580
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lg-badgesupport.ml/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d580 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531eeb92a3f9eea60fccaaf3ddecfce5fa73a860c071a8e4fd49c2931bb4dfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lg-badgesupport.ml
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 25 Oct 2020 14:33:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbeee5bc62695cbb1c0fcb3b23a97ab2f1603636412; expires=Tue, 24-Nov-20 14:33:32 GMT; path=/; domain=.lg-badgesupport.ml; HttpOnly; SameSite=Lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 6d626211b44bc32aae6e68363be1a783
cf-cache-status: DYNAMIC
cf-request-id: 0601c6d6680000c2b3c000a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5%2FVreAIULl8B85wpLcxN%2BZHvx8sg5Xq%2F0WWuTLSPTj%2B50SNzD0lSUTXD2spwFBUAxEQ6ecd80sv3iPuDWcSmRliTqnRhfm4wBvK4ffxzJnroeDAOEROOnJqBuXmLxtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e7ca7370868c2b3-FRA
content-encoding: br

GET
H2 200 sagtusengelleme1.js Show response
ir.sitekodlari.com/ 99 B
277 B 21ms
3ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ir.sitekodlari.com/sagtusengelleme1.js
Requested by: Host: lg-badgesupport.ml
URL: https://lg-badgesupport.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e2d39b0d1a837645fe4d41ed4d67e4e8ef4b753c550ab4e6c45642e3d56589be

Request headers

Referer: https://lg-badgesupport.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 14:33:32 GMT
etag: "63-59f096a8d57b9"
last-modified: Thu, 20 Feb 2020 22:27:54 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
x-accel-version: 0.01
accept-ranges: bytes
content-length: 99

GET
H2 200 86663481ce1.jpeg
resimag.com/p1/ 20 KB
20 KB 84ms
57ms Image
image/jpeg 2606:4700:3035::6818:6e7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resimag.com/p1/86663481ce1.jpeg
Requested by: Host: lg-badgesupport.ml
URL: https://lg-badgesupport.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0f38d7b9e560333890d17f37ba3864075ac3b2b2381703447e406e6bd1e5f4a5

Request headers

Referer: https://lg-badgesupport.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 14:33:32 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
status: 200
content-length: 20086
cf-request-id: 0601c6d891000064bb841c2000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rItCoU7BScSxXJTKa5%2BzB6kl6aWHYlOlOBy2HQdSS5k0XjGLQqG1zpCs5abykNPgNisesFaQ61FEUtUvGKxTwl%2Fr03JZHKGIJDqXM%2FVFvxhIE0Tq8DoV7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 5e7ca73a8d5e64bb-FRA
expires: Mon, 10 Apr 1972 00:00:00 GMT

GET
H2 200 f372759ec92.png
resimag.com/p1/ 4 KB
4 KB 62ms
56ms Image
image/png 2606:4700:3035::6818:6e7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resimag.com/p1/f372759ec92.png
Requested by: Host: lg-badgesupport.ml
URL: https://lg-badgesupport.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e

Request headers

Referer: https://lg-badgesupport.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 14:33:32 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
status: 200
content-length: 3754
cf-request-id: 0601c6d892000064bba5bbf000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8YUQwgPh8mwyC3oOebxtrHJe%2BHbnStqc17M9LSPOEPnFYc9%2BSYgVtjB833D12GCWD2xyBJLW6%2Bak2xEadZKpaUKnkjY82ZcZn0jMex0CRoqIa8IegOEebg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 5e7ca73a8d6164bb-FRA
expires: Mon, 10 Apr 1972 00:00:00 GMT

GET
H2 200 1ca9b4d46fa.png
resimag.com/p1/ 10 KB
10 KB 70ms
67ms Image
image/png 2606:4700:3035::6818:6e7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resimag.com/p1/1ca9b4d46fa.png
Requested by: Host: lg-badgesupport.ml
URL: https://lg-badgesupport.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b

Request headers

Referer: https://lg-badgesupport.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 14:33:32 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
status: 200
content-length: 10071
cf-request-id: 0601c6d891000064bb9596d000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MThlzir0%2BYLhTSJqCUpwljs2NTpseB%2BCbUJku6DbHOtlXH5hhhKqByRRH8Lnh4JAqgvU9uKkkBNKLNQEv1LtAPi0piqO%2Bz%2BTQk8wxRHMXVkyKLv0DXUxFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 5e7ca73a8d6064bb-FRA
expires: Mon, 10 Apr 1972 00:00:00 GMT

GET se1.php
ir1.sitekodlari.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/se1.php

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lg-badgesupport.ml/	1970-01-19 14:10:28	Name: __cfduid Value: dbeee5bc62695cbb1c0fcb3b23a97ab2f1603636412

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ir.sitekodlari.com
ir1.sitekodlari.com
lg-badgesupport.ml
resimag.com
ir1.sitekodlari.com
2606:4700:3030::ac43:d580
2606:4700:3035::6818:6e7f
2a01:4f8:151:6117::2
0f38d7b9e560333890d17f37ba3864075ac3b2b2381703447e406e6bd1e5f4a5
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e
531eeb92a3f9eea60fccaaf3ddecfce5fa73a860c071a8e4fd49c2931bb4dfeb
583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b
e2d39b0d1a837645fe4d41ed4d67e4e8ef4b753c550ab4e6c45642e3d56589be

lg-badgesupport.ml Open in urlscan Pro 2606:4700:3030::ac43:d580 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

37 kBTransfer

37 kBSize

1 Cookies

2 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

lg-badgesupport.ml Open in urlscan Pro
2606:4700:3030::ac43:d580 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

37 kB
Transfer

37 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions