instagramcontract.ml
Open in
urlscan Pro
2606:4700:30::681f:5b2d
Malicious Activity!
Public Scan
Submission: On August 08 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 8th 2019. Valid for: a year.
This is the only time instagramcontract.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2606:4700:30:... 2606:4700:30::681f:5b2d | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
3 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
4 | 185.27.134.19 185.27.134.19 | 34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited) | |
2 | 104.20.3.47 104.20.3.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
24 | 6 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
instagramcontract.ml |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: 1913427185.ifastnet.org
404tutorial.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
secure.statcounter.com | |
c.statcounter.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
instagramcontract.ml
instagramcontract.ml |
124 KB |
4 |
404tutorial.com
404tutorial.com |
42 KB |
3 |
facebook.net
connect.facebook.net |
95 KB |
2 |
facebook.com
www.facebook.com |
393 B |
2 |
statcounter.com
secure.statcounter.com c.statcounter.com |
10 KB |
24 | 5 |
Domain | Requested by | |
---|---|---|
11 | instagramcontract.ml |
instagramcontract.ml
|
4 | 404tutorial.com |
instagramcontract.ml
|
3 | connect.facebook.net |
instagramcontract.ml
connect.facebook.net |
2 | www.facebook.com |
instagramcontract.ml
|
1 | c.statcounter.com |
instagramcontract.ml
|
1 | secure.statcounter.com |
instagramcontract.ml
|
24 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.instagram.com |
itunes.apple.com |
play.google.com |
help.instagram.com |
blog.instagram.com |
instagram-press.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-08-08 - 2020-08-07 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
*.statcounter.com Go Daddy Secure Certificate Authority - G2 |
2018-11-18 - 2020-01-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://instagramcontract.ml/
Frame ID: EC9D46E6F0D7CE9C94CCB7B6098443B3
Requests: 15 HTTP requests in this frame
Frame:
https://instagramcontract.ml/files/XBwzv5Yrm_1.html
Frame ID: 67B8CF90347DE355FD47801733079A5C
Requests: 10 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: ABOUT US
Search URL Search Domain Scan URL
Title: SUPPORT
Search URL Search Domain Scan URL
Title: BLOG
Search URL Search Domain Scan URL
Title: PRESS
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: JOBS
Search URL Search Domain Scan URL
Title: PRÄ°VACY
Search URL Search Domain Scan URL
Title: TERMS
Search URL Search Domain Scan URL
Title: DIRECTORY
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
instagramcontract.ml/ |
110 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1425767024389221
instagramcontract.ml/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
instagramcontract.ml/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
instagramcontract.ml/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aafd8c6b005d.jpg
instagramcontract.ml/accounts/login/files/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
instagramcontract.ml/accounts/login/logo/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iosdw.png
instagramcontract.ml/accounts/login/files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpdw.png
instagramcontract.ml/accounts/login/files/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
38825c9d5aa2.png
instagramcontract.ml/static/images/homepage/home-phones.png/ |
12 KB 12 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4e648d.png
instagramcontract.ml/static/sprites/core/ |
12 KB 12 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
85 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XBwzv5Yrm_1.html
instagramcontract.ml/files/ Frame 67B8 |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1425767024389221
connect.facebook.net/signals/config/ |
301 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kb.png
404tutorial.com/ Frame 67B8 |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search.png
404tutorial.com/ Frame 67B8 |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
premium.png
404tutorial.com/ Frame 67B8 |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cpanel_whm1.gif
404tutorial.com/ Frame 67B8 |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2.css
404tutorial.com/ Frame 67B8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1.css
404tutorial.com/ Frame 67B8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 67B8 |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
counter.js
secure.statcounter.com/counter/ Frame 67B8 |
30 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t.php
c.statcounter.com/ Frame 67B8 |
49 B 313 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
1 KB 898 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 248 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 404tutorial.com
- URL
- http://404tutorial.com/2.css
- Domain
- 404tutorial.com
- URL
- http://404tutorial.com/1.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| _sharedData function| fbq function| _fbq0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
404tutorial.com
c.statcounter.com
connect.facebook.net
instagramcontract.ml
secure.statcounter.com
www.facebook.com
404tutorial.com
104.20.3.47
185.27.134.19
2606:4700:30::681f:5b2d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0d2fe9c96779a3b94d0fdec6f2d529b6c0d026fa9efe0e19713567ab1eee629f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e
14e874e255fbe26501740f41352625abdf09cec30d86c052b40070f276c63929
191560ea3bcea8ef393a863dbac8e703f176805e514de66c4ce0bd48dc21dcaf
2650f9a070fae914f0230bfd950cbf7b56682008f1f3aff3ed0c8b105c128746
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
339d420b3f7e7d56a573e1709770d6db8b3d75d211d6f00d0f7e3324d118bb80
5774ef81453ab3e2d1c5684c89c7b40dccb79d75d89ab4f63f31d75909be309b
583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b
5b3c2e273856010009608c3810f94a40331b91dd916f84e32fdbe5aace87d873
68c719b7e4f3e3a466b233fe9ccabf0e57c0b7539818c395ca1d2d50b3365961
90c91ea6f17630bd6eb96a8cbe723c2f2934aa7105e33acffc5313099861b6fd
9f5faf91537c9a3effadfaf97aa0214ac62da4c1be4b79946ed0975224c2ab84
c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
df488d9b1cf0172e7025ac2fa987f87ec88cc9ef090c4dab9c31976a16cd82ae