instagrame-liwjcsfnx-abdessattar23.vercel.app
Open in
urlscan Pro
76.76.21.22
Malicious Activity!
Public Scan
Effective URL: https://instagrame-liwjcsfnx-abdessattar23.vercel.app/
Submission: On February 20 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.
This is the only time instagrame-liwjcsfnx-abdessattar23.vercel.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 76.76.21.22 76.76.21.22 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 172.67.71.92 172.67.71.92 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 35.75.108.134 35.75.108.134 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 3 |
ASN16509 (AMAZON-02, US)
instagrame-liwjcsfnx-abdessattar23.vercel.app |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-108-134.ap-northeast-1.compute.amazonaws.com
api.ipdata.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
vercel.app
instagrame-liwjcsfnx-abdessattar23.vercel.app |
664 KB |
1 |
ipdata.co
api.ipdata.co — Cisco Umbrella Rank: 34590 |
938 B |
1 |
cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 14013 |
|
14 | 3 |
Domain | Requested by | |
---|---|---|
12 | instagrame-liwjcsfnx-abdessattar23.vercel.app |
instagrame-liwjcsfnx-abdessattar23.vercel.app
|
1 | api.ipdata.co |
instagrame-liwjcsfnx-abdessattar23.vercel.app
|
1 | fonts.cdnfonts.com |
instagrame-liwjcsfnx-abdessattar23.vercel.app
|
14 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.instagram.com |
apps.apple.com |
play.google.com |
about.meta.com |
about.instagram.com |
help.instagram.com |
developers.facebook.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.vercel.app R3 |
2023-02-08 - 2023-05-09 |
3 months | crt.sh |
*.cdnfonts.com GTS CA 1P5 |
2023-02-07 - 2023-05-08 |
3 months | crt.sh |
api.ipdata.co Amazon RSA 2048 M02 |
2023-02-10 - 2023-11-19 |
9 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://instagrame-liwjcsfnx-abdessattar23.vercel.app/
Frame ID: C12C5C00BBD17F72C76812541B5CAF3E
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
InstagramPage URL History Show full URLs
-
http://instagrame-liwjcsfnx-abdessattar23.vercel.app/
HTTP 307
https://instagrame-liwjcsfnx-abdessattar23.vercel.app/ Page URL
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Sign up
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Meta
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Top Accounts
Search URL Search Domain Scan URL
Title: Hashtags
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Instagram Lite
Search URL Search Domain Scan URL
Title: Contact Uploading & Non-Users
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://instagrame-liwjcsfnx-abdessattar23.vercel.app/
HTTP 307
https://instagrame-liwjcsfnx-abdessattar23.vercel.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
instagrame-liwjcsfnx-abdessattar23.vercel.app/ Redirect Chain
|
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoe-ui-4
fonts.cdnfonts.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
instagrame-liwjcsfnx-abdessattar23.vercel.app/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-1.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
173 KB 173 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-2.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
51 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-3.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
141 KB 141 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-4.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
219 KB 220 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram-logo.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-icon.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-store.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
instagrame-liwjcsfnx-abdessattar23.vercel.app/ |
2 KB 941 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.ipdata.co/ |
1 KB 938 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-frame.png
instagrame-liwjcsfnx-abdessattar23.vercel.app/images/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange object| xhttp function| frm function| slide function| checkSigninInput0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipdata.co
fonts.cdnfonts.com
instagrame-liwjcsfnx-abdessattar23.vercel.app
172.67.71.92
35.75.108.134
76.76.21.22
09193043caba6aa1d17553076cab535bd42f66a52314345771ef5584b74f89ab
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e
57e5ee767d53749169b2d4c9cb3d9b7cc4896b19ce85836b90db31f0141af4c9
5845ba9b16bde454793e65d35fe16eedf485c7c6e485c22c518cb2db64208a2e
6e392bf725a9c6da028e7def8dd10b71f9a6a9a84c8fa7b28110907f248b0da2
848159d4a1ae1606b5a1df2e01254de80019a6342a31684c10597fef854c843a
89152c6b5d650050e542912484e0367ffbe7c6080e1b762fafb3c3aa93b91189
923d80c7ae9a06d102f46b3e47564fa6fadd9a2f3dd3633cc19ac5eeb25bd4ad
bef3d099c6d2fc41f5b4af02e5a28c362453805a146a65c63cb93cb8210d8a6d
d1087cf99a0c60d1cbbc3318ccc70582d42d8c898803e55137fc1a7d7a2f62b6
dcb2003d503eec26e3b6bf40bcb83c6d23f6dbc8f1321a23f0277176e4473dfe
fdbf433f4b96a0700bcf67da3f90252d8faca8fcfac958a6a06904b6342788be
fee49e2f6720cbcf360e5fc550ce2e6b923191b7a07a95a225cb5342e62fc870