instasave.xyz
2606:4700:3036::ac43:9a2a
Public Scan
Effective URL: https://instasave.xyz/
Submission: On August 28 via manual from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.
This is the only time instasave.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System) |
---|---|---|---|
1 | 8 | 2606:4700:3036::ac43:9a2a | 13335 (CLOUDFLARENET) |
| 5 | 139.45.195.147 | 9002 (RETN-AS) |
1 | 2 | 2a00:1450:4001:802::200e | 15169 (GOOGLE) |
| 1 | 2a00:1450:400c:c0b::9a | 15169 (GOOGLE) |
| 1 | 139.45.195.162 | 9002 (RETN-AS) |
3 | 6 | 104.19.134.78 | 13335 (CLOUDFLARENET) |
| 1 | 139.45.197.194 | 9002 (RETN-AS) |
| 19 | 7 | |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
8 | instasave.xyz | 1 redirects | instasave.xyz | 753 KB |
6 | mgid.com | 3 redirects | c.mgid.com s-img.mgid.com | 41 KB |
5 | inpagepush.com | | inpagepush.com | 28 KB |
2 | google-analytics.com | 1 redirects | www.google-analytics.com | 18 KB |
1 | onstunkyr.com | | onstunkyr.com | 482 B |
1 | rtmark.net | | my.rtmark.net | 771 B |
1 | doubleclick.net | | stats.g.doubleclick.net | 99 B |
19 | 7 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
8 | instasave.xyz | 1 redirects | instasave.xyz |
5 | inpagepush.com | | instasave.xyz, inpagepush.com |
3 | s-img.mgid.com | | |
3 | c.mgid.com | 3 redirects | |
2 | www.google-analytics.com | 1 redirects | instasave.xyz |
1 | onstunkyr.com | | |
1 | my.rtmark.net | | inpagepush.com |
1 | stats.g.doubleclick.net | | instasave.xyz |
19 | 8 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
w3layouts.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-14 - 2021-08-14 | a year |
inpagepush.com | Let's Encrypt Authority X3 | 2020-08-15 - 2020-11-13 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.rtmark.net | Let's Encrypt Authority X3 | 2020-08-28 - 2020-11-26 | 3 months |
onstunkyr.com | Let's Encrypt Authority X3 | 2020-07-15 - 2020-10-13 | 3 months |
This page contains 2 frames:
Primary Page:
https://instasave.xyz/
Frame ID: C65A2DBF8E2FAC1AA80F851F009BF6B8
Requests: 16 HTTP requests in this frame
Frame:
https://s-img.mgid.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
Frame ID: 58AFED95F9148E5D3F4EEC11AEA4DE5B
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: w3layouts
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://instasave.xyz/
HTTP 301
https://instasave.xyz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=386073684&t=pageview&_s=1&dl=https%3A%2F%2Finstasave.xyz%2F&ul=en-us&de=UTF-8&dt=Download%20Instagram%20Photos%20and%20Videos%20Online%20-%20InstaSave&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2093177271&gjid=2001682488&cid=57927987.1598653553&tid=UA-76864639-1&_gid=1047497053.1598653553&_r=1&z=1838961244 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76864639-1&cid=57927987.1598653553&jid=2093177271&_gid=1047497053.1598653553&gjid=2001682488&_v=j83&z=1838961244
- https://c.mgid.com/c?pv=2&v=0|0|0|GNQwhpsc9dD7Qz2cqwHYoYl1vKOYaEDKud6WITKAxvHOWWLmCwvfT1a8SKhg3L_s&cid=218581&f=1&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=z3442660zb5295256bcCHcp2ph2020082817h&psid=1_3442660&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzU1MjMxMzkvMzI4eDMyOC8xMzV4MHgxMDYyeDcwOC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qQXRNRE12TVRBeE9USTBMelE1TWpnME1qRTJNVGd5TW1ZME9HSTJNelEyTUdVek5qSmhZVGxqT1RKaUxtcHdaV2MqLndlYnA= HTTP 301
- https://s-img.mgid.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
- https://c.mgid.com/c?pv=2&v=0|0|0|GNQwhpsc9dD7Qz2cqwHYoYl1vKOYaEDKud6WITKAxvHOWWLmCwvfT1a8SKhg3L_s&cid=218581&f=1&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=z3442660zb5295256bcCHcp2ph2020082817h&psid=1_3442660&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzU1MjMxMzkvMzI4eDMyOC8xMzV4MHgxMDYyeDcwOC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qQXRNRE12TVRBeE9USTBMelE1TWpnME1qRTJNVGd5TW1ZME9HSTJNelEyTUdVek5qSmhZVGxqT1RKaUxtcHdaV2MqLndlYnA= HTTP 301
- https://s-img.mgid.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
- https://c.mgid.com/c?pv=2&v=0|0|0|byIXoF6r7U3ykdU8nuQMguNdjZtShfAxB4l50bIc2tHJE7XxNlpZT2yprlqDJA3u&cid=756446&f=1&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=z3442660zb5920476bcCHcp2ph2020082817h&psid=1_3442660&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzQwMjMxNDQvMzI4eDMyOC8yNzh4MHg4Mjh4NTUyL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EZ3ZNVEF4T1RJMEwyWmlaakU1TURsbU1UUmpOek5oTVdFek5HVTVZVEEzWVdSbU5HRTVabU0wTG5CdVp3Kioud2VicA== HTTP 301
- https://s-img.mgid.com/g/4023144/328x328/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw%2A%2A.webp
19 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | instasave.xyz/ | 5 KB | 2 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | style.css | instasave.xyz/css/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | 3442660 | inpagepush.com/400/ | 65 KB | 24 KB | Script | application/javascript | |
GET | H2 | AdvertiseWithUs.png | instasave.xyz/images/ | 95 KB | 95 KB | Image | image/png | |
GET | H2 | jquery.js | instasave.xyz/js/ | 94 KB | 32 KB | Script | text/javascript | |
GET | H2 | bg.png | instasave.xyz/images/ | 91 KB | 91 KB | Image | image/png | |
GET | H2 | Andika-R.ttf | instasave.xyz/fonts/ | 1 MB | 439 KB | Font | application/octet-stream | |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript | |
GET | H2 | Amita-Regular.ttf | instasave.xyz/fonts/ | 210 KB | 91 KB | Font | application/octet-stream | |
GET | H2 | collect | stats.g.doubleclick.net/r/ | 35 B | 99 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | gid.js | my.rtmark.net/ | 65 B | 771 B | XHR | application/json | |
GET | H/1.1 | 3442660 | inpagepush.com/500/ | 2 KB | 2 KB | XHR | application/javascript | |
OPTIONS | H/1.1 | 3442660 | inpagepush.com/500/ | 0 | 0 | Other | | Frame |
GET | H2 | aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp | s-img.mgid.com/g/5523139/328x328/135x0x1062x708/ | 13 KB | 14 KB | Image | image/webp | Redirect Chain |
GET | H/1.1 | A0qjT5NOpKjlWXdSzkFqpwpk1cKoJLgsU4wTwIiIQthUJ6i95NOv_M4shxwQQgaFAlWxDg46X96g0rqDGgxwtGDbXuYPvpKPDwOhNi1S56RWrO9qEhQghjvgRZPgYvYUysfd1rKf4Wngy4cERs5ZioK7nb9aKqUq8hC5acvIL8FlutanHphVBt8WdiTm3HIY-C73f... | onstunkyr.com/impression/ | 43 B | 482 B | Image | image/gif | |
GET | H2 | aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp | s-img.mgid.com/g/5523139/328x328/135x0x1062x708/ | 13 KB | 14 KB | Image | image/webp | Frame 58AF; Redirect Chain |
GET | H/1.1 | 3442660 | inpagepush.com/500/ | 2 KB | 2 KB | XHR | application/javascript | |
OPTIONS | H/1.1 | 3442660 | inpagepush.com/500/ | 0 | 0 | Other | | Frame |
GET | H2 | aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw%2A%2A.webp | s-img.mgid.com/g/4023144/328x328/278x0x828x552/ | 13 KB | 13 KB | Image | image/webp | Redirect Chain |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| hideURLbar
- object| akvyamh7gsu
- object| zfgformats
- object| webpushlogs
- function| $
- function| jQuery
- string| GoogleAnalyticsObject
- function| ga
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.instasave.xyz/ | | _gat | 1 |
.instasave.xyz/ | | _gid | GA1.2.1047497053.1598653553 |
.instasave.xyz/ | | _ga | GA1.2.57927987.1598653553 |
.instasave.xyz/ | | __cfduid | d2d06acbfdce1f6c60cf863b3eed03f9f1598653552 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.