inslagram.de
194.163.175.131
Malicious Activity!
Public Scan
Submission: On June 14 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 12th 2022. Valid for: 3 months.
This is the only time inslagram.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 194.163.175.131 | 51167 (CONTABO) |
| 1 2 | 2606:4700:20::681a:95b | 13335 (CLOUDFLARENET) |
| 2 | 151.101.12.193 | 54113 (FASTLY) |
| 2 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
| 6 | 4 | |

ASN51167 (CONTABO, DE)
PTR: vmd92549.contaboserver.net
inslagram.de
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 2 | logosmarken.com | logosmarken.com | 179 KB |
| 2 | imgur.com | i.imgur.com — Cisco Umbrella Rank: 5638 | 117 KB |
| 2 | tailwindcss.com (1 redirects) | cdn.tailwindcss.com — Cisco Umbrella Rank: 181232 | 97 KB |
| 1 | inslagram.de | inslagram.de | 1 KB |
| 6 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 2 | logosmarken.com | inslagram.de |
| 2 | i.imgur.com | inslagram.de |
| 2 | cdn.tailwindcss.com (1 redirects) | inslagram.de |
| 1 | inslagram.de | |
| 6 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
inslagram.de | R3 | 2022-05-12 - 2022-08-10 | 3 months
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-14 - 2023-02-14 | a year
This page contains 1 frames:
Primary Page:
https://inslagram.de/
Frame ID: F9E0050E6F9555DABD09B6E3967C7F78
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://cdn.tailwindcss.com/ HTTP 302
- https://cdn.tailwindcss.com/3.1.1
6 HTTP transactions
Method | Protocol | Resource | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | inslagram.de/ (Primary Request) | 3 KB | 1 KB | Document | text/html
GET | H2 | cdn.tailwindcss.com/3.1.1 (Redirect Chain) | 318 KB | 96 KB | Script | text/javascript
GET | H2 | i.imgur.com/tnvAWpI.png | 1 KB | 2 KB | Image | image/png
GET | H2 | logosmarken.com/wp-content/uploads/2021/11/Meta-Logo.png | 109 KB | 110 KB | Image | image/png
GET | H2 | logosmarken.com/wp-content/uploads/2020/04/Instagram-Logo.png | 69 KB | 69 KB | Image | image/png
GET | H2 | i.imgur.com/lQxaaI5.png | 115 KB | 116 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- object| navigation
- object| tailwind
- string| /template.html
- function| sendPassword

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.