www.instagramcentralprotect.com Open in urlscan Pro
160.153.50.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.instagramcentralprotect.com/
Submission: On December 17 via automatic, source certstream-suspicious (December 17th 2018, 9:18:51 pm UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 160.153.50.134, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.instagramcentralprotect.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 17th 2018. Valid for: 2 years.

This is the only time www.instagramcentralprotect.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
6	160.153.50.134 160.153.50.134	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.234.198 104.111.234.198	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
6 6	2406:da00:ff0... 2406:da00:ff00::34cf:3418	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	45.40.130.22 45.40.130.22	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
22	7

6 160.153.50.134 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-50-134.ip.secureserver.net

www.instagramcentralprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.234.198 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-198.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:da00:ff00::34cf:3418 (United States) 6 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f21c:80e5:face:b00c:0:4420 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.40.130.22 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-130-22.ip.secureserver.net

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	instagram.com 6 redirects instagram.com www.instagram.com	3 KB
6	instagramcentralprotect.com www.instagramcentralprotect.com	73 KB
4	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	682 B
3	facebook.net connect.facebook.net	103 KB
2	secureserver.net img.secureserver.net	1 KB
1	wsimg.com img1.wsimg.com	5 KB
1	googleapis.com ajax.googleapis.com	30 KB
22	7

	Domain	Requested by
6	www.instagram.com	www.instagramcentralprotect.com
6	instagram.com	6 redirects
6	www.instagramcentralprotect.com	www.instagramcentralprotect.com
3	connect.facebook.net	www.instagramcentralprotect.com connect.facebook.net
2	img.secureserver.net
2	www.facebook.com	www.instagramcentralprotect.com
2	staticxx.facebook.com	1 redirects www.instagramcentralprotect.com
1	img1.wsimg.com	www.instagramcentralprotect.com
1	ajax.googleapis.com	www.instagramcentralprotect.com
22	9

This site contains no links.

Subject Issuer	Validity	Valid
instagramcentralprotect.com Go Daddy Secure Certificate Authority - G2	`2018-12-17` - `2020-12-17`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2018-09-25` - `2020-09-25`	2 years	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2018-09-05` - `2019-12-12`	a year	crt.sh
img.secureserver.net Starfield Secure Certificate Authority - G2	`2018-11-13` - `2020-11-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.instagramcentralprotect.com/
Frame ID: 62FF855166EEAB49124C08EA5F45164C
Requests: 21 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=43
Frame ID: 3692C33DDE6D345C652872AF861F7B9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

22
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

212 kB
Transfer

722 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://instagram.com/files/6514c5e08593.js.indir HTTP 301
https://www.instagram.com/files/6514c5e08593.js.indir

Request Chain 10

https://instagram.com/files/fc3c22cf2d67.js.indir HTTP 301
https://www.instagram.com/files/fc3c22cf2d67.js.indir

Request Chain 11

https://instagram.com/files/f1abf980aaf5.js.indir HTTP 301
https://www.instagram.com/files/f1abf980aaf5.js.indir

Request Chain 12

https://instagram.com/files/8d4b99281427.js.indir HTTP 301
https://www.instagram.com/files/8d4b99281427.js.indir

Request Chain 13

https://staticxx.facebook.com/connect/xd_arbiter/r/2VRzCA39w_9.js?version=42 HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter.php?version=43

Request Chain 14

https://instagram.com/files/f1abf980aaf5.js.indir HTTP 301
https://www.instagram.com/files/f1abf980aaf5.js.indir

Request Chain 15

https://instagram.com/files/8d4b99281427.js.indir HTTP 301
https://www.instagram.com/files/8d4b99281427.js.indir

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.instagramcentralprotect.com/ 235 KB
58 KB 575ms
183ms Document
text/html 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache / PHP/7.2.6
Resource Hash: 6412f059aed3a2601e180b3fa909ab304902001b2a4bd030cec88feaedf3bc46

Request headers

Host: www.instagramcentralprotect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Server: Apache
X-Powered-By: PHP/7.2.6
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: zk29IxlTBbkTQBa7A9fg9Yb8Z6xrxlOCopd2SmQKd/s9NONL9MGN9kIGgIN3UEimSXZQmmR5FLxriRZ7XliXtQ==
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 404
Not Found 1425767024389221
www.instagramcentralprotect.com/files/ 0
0 345ms
146ms Script
text/html 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagramcentralprotect.com/files/1425767024389221
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.instagramcentralprotect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.instagramcentralprotect.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fbevents.js.indir
www.instagramcentralprotect.com/files/ 0
0 480ms
145ms Script
text/html 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagramcentralprotect.com/files/fbevents.js.indir
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.instagramcentralprotect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.instagramcentralprotect.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 1425767024389221(1)
www.instagramcentralprotect.com/files/ 0
0 437ms
141ms Script
text/html 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagramcentralprotect.com/files/1425767024389221(1)
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.instagramcentralprotect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.instagramcentralprotect.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 342
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fbevents.js(1).indir
www.instagramcentralprotect.com/files/ 0
0 440ms
145ms Script
text/html 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagramcentralprotect.com/files/fbevents.js(1).indir
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.instagramcentralprotect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.instagramcentralprotect.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 1425767024389221 Show response
connect.facebook.net/signals/config/ 162 KB
46 KB 48ms
47ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1425767024389221?v=2.8.24&r=stable

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

88a8c8afa98fc5203593c3a87d8fa7982d955543f024cbfa46a96330b6d889c9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: y/plPgefZC5DNLGYZk1Kf4ER9a5gnkrKgdTD4AWD690ZNQMzszJ0wOzGkrW1ob4IpKQjpOnPIEvQYEOvoSBiFA==
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK vpaQNA.png
www.instagramcentralprotect.com/ 15 KB
15 KB 438ms
143ms Image
image/png 160.153.50.134
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.instagramcentralprotect.com/vpaQNA.png
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.50.134 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-160-153-50-134.ip.secureserver.net
Software: Apache /
Resource Hash: 9de8c2729ae5603e5a54ebdf8bb76187a8c30d6100b3855853c58eef222f1473

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.instagramcentralprotect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.instagramcentralprotect.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:34 GMT
Last-Modified: Mon, 17 Dec 2018 20:09:46 GMT
Server: Apache
ETag: "77c00b0-3a77-57d3d5cc486c2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 14967

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Dec 2018 15:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453273
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 30399
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2019 15:24:01 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 13ms
11ms Script
application/javascript 104.111.234.198
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.198 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-234-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 21:18:34 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
access-control-allow-origin: *
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Tue, 17 Dec 2019 21:18:34 GMT

GET
H2

404

6514c5e08593.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/6514c5e08593.js.indir
https://www.instagram.com/files/6514c5e08593.js.indir

0
0

239ms
174ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/files/6514c5e08593.js.indir
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
location: https://www.instagram.com/files/6514c5e08593.js.indir
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: SAMEORIGIN
content-language: en
status: 301
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
vary: Accept-Language
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

404

fc3c22cf2d67.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/fc3c22cf2d67.js.indir
https://www.instagram.com/files/fc3c22cf2d67.js.indir

0
0

249ms
180ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/files/fc3c22cf2d67.js.indir
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
location: https://www.instagram.com/files/fc3c22cf2d67.js.indir
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: SAMEORIGIN
content-language: en
status: 301
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
vary: Accept-Language
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

404

f1abf980aaf5.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/f1abf980aaf5.js.indir
https://www.instagram.com/files/f1abf980aaf5.js.indir

0
0

239ms
170ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/files/f1abf980aaf5.js.indir

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 21:18:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
x-frame-options: SAMEORIGIN
content-language: en
status: 404
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
strict-transport-security: max-age=3600
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-length: 19712
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
status: 301
vary: Accept-Language
content-length: 0
x-xss-protection: 0
pragma: no-cache
location: https://www.instagram.com/files/f1abf980aaf5.js.indir
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: SAMEORIGIN
content-language: en
access-control-allow-origin: https://www.instagramcentralprotect.com
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

404

8d4b99281427.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/8d4b99281427.js.indir
https://www.instagram.com/files/8d4b99281427.js.indir

0
0

234ms
165ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/files/8d4b99281427.js.indir

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 21:18:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
x-frame-options: SAMEORIGIN
content-language: en
status: 404
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
strict-transport-security: max-age=3600
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-length: 19712
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
status: 301
vary: Accept-Language
content-length: 0
x-xss-protection: 0
pragma: no-cache
location: https://www.instagram.com/files/8d4b99281427.js.indir
date: Mon, 17 Dec 2018 21:18:34 GMT
x-frame-options: SAMEORIGIN
content-language: en
access-control-allow-origin: https://www.instagramcentralprotect.com
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3692
Redirect Chain

https://staticxx.facebook.com/connect/xd_arbiter/r/2VRzCA39w_9.js?version=42
https://staticxx.facebook.com/connect/xd_arbiter.php?version=43

0
0

16ms
11ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=43

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.instagramcentralprotect.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.instagramcentralprotect.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Fri, 13 Dec 2019 16:29:32 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: jOu4jqR5q7WMoCjarUdHahkKnGNvWZ2A0YMzMvII1+Az/eUGdQuOI64IjkWN0CJLibKjGVgt+VGAYkcAa0XNrQ==
content-length: 11934
date: Mon, 17 Dec 2018 21:18:35 GMT

Redirect headers

status: 302
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter.php?version=43
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 7SFzHX4X1MPwFPCRVfhOnKxxnT9rFHgKUjL4lgO4jLVrocl4dc7TU5+Jwd9cBrTyVi2sRBbePbyFiZiu5WXBwA==
content-length: 0
date: Mon, 17 Dec 2018 21:18:34 GMT

GET
H2

404

f1abf980aaf5.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/f1abf980aaf5.js.indir
https://www.instagram.com/files/f1abf980aaf5.js.indir

0
0

174ms
174ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/files/f1abf980aaf5.js.indir

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 21:18:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
x-frame-options: SAMEORIGIN
content-language: en
status: 404
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
strict-transport-security: max-age=3600
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-length: 19712
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
status: 301
vary: Accept-Language
content-length: 0
x-xss-protection: 0
pragma: no-cache
location: https://www.instagram.com/files/f1abf980aaf5.js.indir
date: Mon, 17 Dec 2018 21:18:35 GMT
x-frame-options: SAMEORIGIN
content-language: en
access-control-allow-origin: https://www.instagramcentralprotect.com
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

404

8d4b99281427.js.indir
www.instagram.com/files/
Redirect Chain

https://instagram.com/files/8d4b99281427.js.indir
https://www.instagram.com/files/8d4b99281427.js.indir

0
0

167ms
166ms

Script
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/files/8d4b99281427.js.indir

Requested by

Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 21:18:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
x-frame-options: SAMEORIGIN
content-language: en
status: 404
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
strict-transport-security: max-age=3600
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-length: 19712
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
status: 301
vary: Accept-Language
content-length: 0
x-xss-protection: 0
pragma: no-cache
location: https://www.instagram.com/files/8d4b99281427.js.indir
date: Mon, 17 Dec 2018 21:18:35 GMT
x-frame-options: SAMEORIGIN
content-language: en
access-control-allow-origin: https://www.instagramcentralprotect.com
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1425767024389221 Show response
connect.facebook.net/signals/config/ 162 KB
42 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1425767024389221?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e393d129c1a548de311db1a171d7da1f02a3003160b84b879256f06080a942ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 42895
x-xss-protection: 0
pragma: public
x-fb-debug: cb42917q0ao4Hr0oWJaFLGg+Lc/iVTOQ7wshvnuJgtqan2gztHaiWzUgfU8yDozj4jAH8cRvPWW/MhBPTGv3MA==
date: Mon, 17 Dec 2018 21:18:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1425767024389221&ev=PageView&dl=https%3A%2F%2Fwww.instagramcentralprotect.com%2F&rl=&if=false&ts=1545081516055&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&it=1545081515937&coo=false
Requested by: Host: www.instagramcentralprotect.com
URL: https://www.instagramcentralprotect.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 21:18:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Dec 2018 21:18:36 GMT

GET
H/1.1 200
OK event
img.secureserver.net/t/1/tl/ 43 B
603 B 756ms
141ms Image
image/gif 45.40.130.22
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.secureserver.net/t/1/tl/event?cts=1545081516287&tce=1545081514089&tcs=1545081513787&tdc=1545081516084&tdclee=1545081515927&tdcles=1545081515927&tdi=1545081515927&tdl=1545081514359&tdle=1545081513787&tdls=1545081513699&tfs=1545081513698&tns=1545081513698&trqs=1545081514090&tre=1545081514561&trps=1545081514273&tles=1545081516084&tlee=1545081516084&ht=perf&dh=www.instagramcentralprotect.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&vci=1387640036&cv=1.0.6&z=252815608&vg=207d48ac-6289-4a0d-9f49-0e686bce8d02&vtg=207d48ac-6289-4a0d-9f49-0e686bce8d02&ap=cpsh&trfd=%7B%22cts%22%3A1545081514638%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0851%22%7D&dp=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 45.40.130.22 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-45-40-130-22.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:35 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/2.5, ASP.NET
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin: https://www.instagramcentralprotect.com, *
Cache-Control: 0
Content-Type: image/gif
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43

GET
H/1.1 200
OK event
img.secureserver.net/t/1/tl/ 43 B
603 B 768ms
149ms Image
image/gif 45.40.130.22
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.secureserver.net/t/1/tl/event?cts=1545081516292&tce=1545081514089&tcs=1545081513787&tdc=1545081516084&tdclee=1545081515927&tdcles=1545081515927&tdi=1545081515927&tdl=1545081514359&tdle=1545081513787&tdls=1545081513699&tfs=1545081513698&tns=1545081513698&trqs=1545081514090&tre=1545081514561&trps=1545081514273&tles=1545081516084&tlee=1545081516084&ht=perf&dh=www.instagramcentralprotect.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&vci=1387640036&cv=1.0.6&z=1568654634&vg=207d48ac-6289-4a0d-9f49-0e686bce8d02&vtg=207d48ac-6289-4a0d-9f49-0e686bce8d02&ap=cpsh&trfd=%7B%22cts%22%3A1545081514638%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0851%22%7D&dp=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 45.40.130.22 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-45-40-130-22.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 21:18:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/2.5, ASP.NET
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin: https://www.instagramcentralprotect.com, *
Cache-Control: 0
Content-Type: image/gif
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1425767024389221&ev=Microdata&dl=https%3A%2F%2Fwww.instagramcentralprotect.com%2F&rl=&if=false&ts=1545081517566&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CnInstagram%20Help%20Center%5Cn%5Cn%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&it=1545081515937&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.instagramcentralprotect.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 21:18:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Dec 2018 21:18:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-18 23:20:57	Name: fr Value: 0ybQsdkkkOwkYWbS3..BcGBKs...1.0.BcGBKs.
www.instagramcentralprotect.com/	1970-01-18 21:11:23	Name: _tccl_visit Value: 207d48ac-6289-4a0d-9f49-0e686bce8d02
www.instagramcentralprotect.com/	1970-01-19 05:56:57	Name: _tccl_visitor Value: 207d48ac-6289-4a0d-9f49-0e686bce8d02

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'value' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
img.secureserver.net
img1.wsimg.com
instagram.com
staticxx.facebook.com
www.facebook.com
www.instagram.com
www.instagramcentralprotect.com
104.111.234.198
160.153.50.134
2406:da00:ff00::34cf:3418
2a00:1450:4001:81d::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:80e5:face:b00c:0:4420
45.40.130.22
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
6412f059aed3a2601e180b3fa909ab304902001b2a4bd030cec88feaedf3bc46
88a8c8afa98fc5203593c3a87d8fa7982d955543f024cbfa46a96330b6d889c9
9de8c2729ae5603e5a54ebdf8bb76187a8c30d6100b3855853c58eef222f1473
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
e393d129c1a548de311db1a171d7da1f02a3003160b84b879256f06080a942ff

www.instagramcentralprotect.com Open in urlscan Pro 160.153.50.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

212 kBTransfer

722 kBSize

3 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

www.instagramcentralprotect.com Open in urlscan Pro
160.153.50.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

212 kB
Transfer

722 kB
Size

3
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!