lnstagramcommunity.cf
2606:4700:3033::ac43:b577  Malicious Activity! Public Scan

Submitted URL: http://lnstagramcommunity.cf/
Effective URL: https://lnstagramcommunity.cf/
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3033::ac43:b577, located in United States and belongs to CLOUDFLARENET, US. The main domain is lnstagramcommunity.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2022. Valid for: a year.
This is the only time lnstagramcommunity.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

Redirects  Requests  IP Address        AS (Autonomous System)
1          3         2606:4700:303...  13335 (CLOUDFLAR...)
-          1         2606:4700:303...  13335 (CLOUDFLAR...)
-          1         2606:4700:20:...  13335 (CLOUDFLAR...)
-          1         2a00:1450:400...  15169 (GOOGLE)
-          1         2606:4700::68...  13335 (CLOUDFLAR...)
Total: 6 requests, 5 IPs
Requests  Apex Domain            Subdomains                                              Transfer
3         lnstagramcommunity.cf  lnstagramcommunity.cf                                   5 KB
1         000webhost.com         cdn.000webhost.com — Cisco Umbrella Rank: 131286        2 KB
1         gstatic.com            encrypted-tbn0.gstatic.com                              4 KB
1         hizliresim.com         i.hizliresim.com — Cisco Umbrella Rank: 116852          6 KB
1         fontawesome.com        kit-free.fontawesome.com — Cisco Umbrella Rank: 21939   13 KB
Total: 6 requests, 5 domains
Requests  Domain                      Redirects    Requested by
3         lnstagramcommunity.cf       1 redirects  lnstagramcommunity.cf
1         cdn.000webhost.com          -            lnstagramcommunity.cf
1         encrypted-tbn0.gstatic.com  -            lnstagramcommunity.cf
1         i.hizliresim.com            -            lnstagramcommunity.cf
1         kit-free.fontawesome.com    -            lnstagramcommunity.cf
Total: 6 requests, 5 domains

This site contains links to these domains.

Domain
www.000webhost.com
Subject                Issuer                                          Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2022-01-14 - 2023-01-13  a year
*.hizliresim.com       R3                                              2021-12-02 - 2022-03-02  3 months
*.gstatic.com          GTS CA 1C3                                      2021-12-08 - 2022-03-02  3 months
*.000webhost.com       Sectigo RSA Domain Validation Secure Server CA  2022-01-10 - 2023-01-13  a year

This page contains 1 frame:

Primary Page: https://lnstagramcommunity.cf/
Frame ID: CB9270647D048CB559FC8D09C4ED4547
Requests: 6 HTTP requests in this frame

Page Title

Copyright • lnstagram

Page URL History

  1. http://lnstagramcommunity.cf/ HTTP 301
    https://lnstagramcommunity.cf/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 31 kB
Size: 80 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lnstagramcommunity.cf/ HTTP 301
    https://lnstagramcommunity.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lnstagramcommunity.cf/
Redirect Chain
  • http://lnstagramcommunity.cf/
  • https://lnstagramcommunity.cf/
8 KB
3 KB
Document
General
Full URL
https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bad0a706c5454d8cac3cfb7738e21d3e8ab3c0834e85fbe7abfa65d05f34138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 14 Jan 2022 09:26:31 GMT
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
93b25a9666b95609440633f3543c272c
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM5Al74zNJ%2ByQPTCIFa6Ntgv267GuQwqK6pYybSkB1BNjqY5d0Ehe2tKJMY3Qae0LD8zKRicUuweAYORQFyaTwiD77Y1BCEFOL1BcD1Rn1W5zHmjOBJhtYYj5mx0xYWLu3LgM6iubvL7wZQLP02nx%2BVozmo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cd5d2be09644a55-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Fri, 14 Jan 2022 09:26:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 14 Jan 2022 10:26:31 GMT
Location
https://lnstagramcommunity.cf/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5CvEM%2Bvjr177iqNHUF2SSk1xf1ztGZPYD1xsUjboJeel9c6YUQoRicWWN3XQxjHZw9SrdV0I0XB6sT6frQS0hQXViSSKZxAkQX0lt%2FS%2B9kVkeDtY%2BGkyPlBg7ILxJjmR9SvLay1f4KvyW%2F3AO9P8UlVsd8%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6cd5d2bd4bf85b62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main.css
lnstagramcommunity.cf/
3 KB
1 KB
Stylesheet
General
Full URL
https://lnstagramcommunity.cf/main.css
Requested by
Host: lnstagramcommunity.cf
URL: https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ec974e4f604f22d60412ab21ab4cddc03643ba44b68a1adf48832ef4e0475d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lnstagramcommunity.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ba1291f5045e1048cf47e14e282d7090
last-modified
Fri, 14 Jan 2022 09:12:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NduQxziu3rfA7ZMDGAyTTxaUQQkOyE1cji8Fj9isO4Gx0x4e3uWILgVqTnAIC12rsDt%2FuKo8ZByBoQ1YQV%2BqHjVvi7n1GRlWGk3GJ6KZEIJUsD308A4jwlgaIM9PSkXo9V0Z866OJyapQn8xYXN3pBwWD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6cd5d2c07ea14a55-FRA
free.min.css
kit-free.fontawesome.com/releases/latest/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by
Host: lnstagramcommunity.cf
URL: https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lnstagramcommunity.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:26:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KGR7GD50W95PR2YE
x-amz-id-2
sWcpK/zDoP/0D/EkaKQLOr1FuVmihpd8cTk2QM+UTeY46Je8ydo2h80mOt+0rwOGNiZuGURGQdQ=
last-modified
Wed, 04 Aug 2021 21:22:50 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiWUYXQG%2FaJkMW8VhwHRovqkYbOhPa6%2BFOe2Chndq25ORcQykC3XRrDEgzUjc8TeI7i2gC6MQY9CuA7kM3Q4jJkTucqIfBITkjkRCTj6iHhlyM6xYug%2Bo2RJiYA%2Fo%2FvzQMvwvISknqZXUT3sBU04%2BgsbLxXrBSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6cd5d2c0dc427037-FRA
cHgTep.png
i.hizliresim.com/
5 KB
6 KB
Image
General
Full URL
https://i.hizliresim.com/cHgTep.png
Requested by
Host: lnstagramcommunity.cf
URL: https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e5cc9939503959678e99aaf8558b742c08d90a442f03f84fe71f456f80bd4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lnstagramcommunity.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:26:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
501991
cf-polished
origFmt=png, origSize=8704
content-disposition
inline; filename="cHgTep.webp"
x-amz-request-id
7A9B6FA9AFC32AAF
x-amz-id-2
XQsexxV4w7BCm7qzvPr98w6X2U/Hzn08ueH+aXV5FHNEVOSU5rRL6UxtbKeld5a//zYWMTG24K44
last-modified
Fri, 11 Sep 2020 19:04:02 GMT
server
cloudflare
etag
W/"bfb8c1d7518ca5d110abae73c013ba67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F58tc%2B9UzGCj7I0z8KieJB%2FSh5fYrnzluFB348d5KJ%2BBDUPJH3QHyO2Cg%2BIjmVN4WZPUjF6KtpoCC4kdNZMmGS1fEyVfjZsta0F2SPzqXn7Nf8mze0FjbKyrCgB0cZqSVLtavTP8m%2Foe9sMTShA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 14 Jan 2022 15:59:25 GMT
cache-control
max-age=604800
cf-ray
6cd5d2c0b9904e32-FRA
cf-bgj
imgq:100,h2pri
images
encrypted-tbn0.gstatic.com/
4 KB
4 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcSv3GysrPLnBI6OO1TdqqIek9ntr_DyyqOAMQ&usqp=CAU
Requested by
Host: lnstagramcommunity.cf
URL: https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8be516475f0f19ee9f27371a222ee9dba15ab23c087a190a423ccfbb845ea46a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lnstagramcommunity.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:26:31 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Thu, 13 May 2021 14:18:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 14 Jan 2023 09:26:31 GMT
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/
2 KB
2 KB
Image
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: lnstagramcommunity.cf
URL: https://lnstagramcommunity.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lnstagramcommunity.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:26:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3719
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj
imgq:100,h2pri
x-hostinger-datacenter
srv
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
last-modified
Fri, 07 Jan 2022 15:40:20 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"61d85ee4-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
vary
Accept
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn1
accept-ranges
bytes
cf-ray
6cd5d2c0b8b443b8-FRA
expires
Fri, 14 Jan 2022 13:26:31 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation
object| onslotchange
function| getCookie
undefined| wordpressAdminBody
object| notification
object| hostingerLogo
undefined| mainContent
undefined| googleFont
undefined| css
undefined| style
undefined| sheet
undefined| button
undefined| link
undefined| mainContentHolder
undefined| h1Tag
undefined| h2Tag
undefined| paragraph
undefined| list
undefined| org_html
undefined| new_html
undefined| saleImage

0 Cookies

1 Console Messages

Source: rendering
Level: warning
URL: https://lnstagramcommunity.cf/ (Line 7)
Message: The key "inital-scale" is not recognized and ignored.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block