instagramcentralprotect.com
Open in
urlscan Pro
160.153.50.134
Malicious Activity!
Public Scan
Submission: On December 17 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 17th 2018. Valid for: 2 years.
This is the only time instagramcentralprotect.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 160.153.50.134 160.153.50.134 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 5 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 104.111.234.198 104.111.234.198 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
7 7 | 2406:da00:ff0... 2406:da00:ff00::3417:8ff7 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
7 | 2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 45.40.130.22 45.40.130.22 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
23 | 7 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-50-134.ip.secureserver.net
instagramcentralprotect.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-198.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
instagram.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.instagram.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-130-22.ip.secureserver.net
img.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
instagram.com
7 redirects
instagram.com www.instagram.com |
3 KB |
6 |
instagramcentralprotect.com
instagramcentralprotect.com |
73 KB |
4 |
facebook.com
1 redirects
staticxx.facebook.com www.facebook.com |
730 B |
3 |
facebook.net
connect.facebook.net |
103 KB |
2 |
secureserver.net
img.secureserver.net |
1 KB |
1 |
wsimg.com
img1.wsimg.com |
5 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
23 | 7 |
Domain | Requested by | |
---|---|---|
7 | www.instagram.com |
instagramcentralprotect.com
|
7 | instagram.com | 7 redirects |
6 | instagramcentralprotect.com |
instagramcentralprotect.com
|
3 | connect.facebook.net |
instagramcentralprotect.com
connect.facebook.net |
2 | img.secureserver.net | |
2 | www.facebook.com |
instagramcentralprotect.com
|
2 | staticxx.facebook.com |
1 redirects
instagramcentralprotect.com
|
1 | img1.wsimg.com |
instagramcentralprotect.com
|
1 | ajax.googleapis.com |
instagramcentralprotect.com
|
23 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
instagramcentralprotect.com Go Daddy Secure Certificate Authority - G2 |
2018-12-17 - 2020-12-17 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
*.wsimg.com Starfield Secure Certificate Authority - G2 |
2018-09-25 - 2020-09-25 |
2 years | crt.sh |
*.www.instagram.com DigiCert SHA2 High Assurance Server CA |
2018-09-05 - 2019-12-12 |
a year | crt.sh |
img.secureserver.net Starfield Secure Certificate Authority - G2 |
2018-11-13 - 2020-11-13 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://instagramcentralprotect.com/
Frame ID: 62521CB259EF5451CE464B7C2556DBAB
Requests: 22 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=43
Frame ID: 44BF18C78BCB46BAA66D9B8EB48E3064
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://instagram.com/files/6514c5e08593.js.indir HTTP 301
- https://www.instagram.com/files/6514c5e08593.js.indir
- https://instagram.com/files/fc3c22cf2d67.js.indir HTTP 301
- https://www.instagram.com/files/fc3c22cf2d67.js.indir
- https://instagram.com/files/f1abf980aaf5.js.indir HTTP 301
- https://www.instagram.com/files/f1abf980aaf5.js.indir
- https://instagram.com/files/8d4b99281427.js.indir HTTP 301
- https://www.instagram.com/files/8d4b99281427.js.indir
- https://staticxx.facebook.com/connect/xd_arbiter/r/2VRzCA39w_9.js?version=42 HTTP 302
- https://staticxx.facebook.com/connect/xd_arbiter.php?version=43
- https://instagram.com/files/fc3c22cf2d67.js.indir HTTP 301
- https://www.instagram.com/files/fc3c22cf2d67.js.indir
- https://instagram.com/files/f1abf980aaf5.js.indir HTTP 301
- https://www.instagram.com/files/f1abf980aaf5.js.indir
- https://instagram.com/files/8d4b99281427.js.indir HTTP 301
- https://www.instagram.com/files/8d4b99281427.js.indir
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
instagramcentralprotect.com/ |
235 KB 58 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
51 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1425767024389221
instagramcentralprotect.com/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbevents.js.indir
instagramcentralprotect.com/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1425767024389221(1)
instagramcentralprotect.com/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbevents.js(1).indir
instagramcentralprotect.com/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1425767024389221
connect.facebook.net/signals/config/ |
162 KB 46 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vpaQNA.png
instagramcentralprotect.com/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6514c5e08593.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fc3c22cf2d67.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f1abf980aaf5.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8d4b99281427.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 44BF Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fc3c22cf2d67.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f1abf980aaf5.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8d4b99281427.js.indir
www.instagram.com/files/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1425767024389221
connect.facebook.net/signals/config/ |
162 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 250 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ |
43 B 599 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ |
43 B 599 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 251 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true object| _sharedData function| fbq function| _fbq object| __core-js_shared__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.com/ | Name: fr Value: 0o7rpEc23oNrgT73l..BcGBKs...1.0.BcGBKs. |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
connect.facebook.net
img.secureserver.net
img1.wsimg.com
instagram.com
instagramcentralprotect.com
staticxx.facebook.com
www.facebook.com
www.instagram.com
104.111.234.198
160.153.50.134
2406:da00:ff00::3417:8ff7
2a00:1450:4001:815::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:80e5:face:b00c:0:4420
45.40.130.22
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
6412f059aed3a2601e180b3fa909ab304902001b2a4bd030cec88feaedf3bc46
88a8c8afa98fc5203593c3a87d8fa7982d955543f024cbfa46a96330b6d889c9
9de8c2729ae5603e5a54ebdf8bb76187a8c30d6100b3855853c58eef222f1473
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
e393d129c1a548de311db1a171d7da1f02a3003160b84b879256f06080a942ff