instagramasistance.com Open in urlscan Pro
2606:4700:30::6818:70f4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://instagramasistance.com/
Submission: On December 17 via automatic, source certstream-suspicious (December 17th 2018, 7:39:17 am UTC)

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:30::6818:70f4, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is instagramasistance.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 17th 2018. Valid for: a year.

This is the only time instagramasistance.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:30:... 2606:4700:30::6818:70f4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
14	3

10 2606:4700:30::6818:70f4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

instagramasistance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	instagramasistance.com instagramasistance.com	95 KB
2	facebook.com www.facebook.com	490 B
2	facebook.net connect.facebook.net	57 KB
14	3

	Domain	Requested by
10	instagramasistance.com	instagramasistance.com
2	www.facebook.com	instagramasistance.com
2	connect.facebook.net	instagramasistance.com connect.facebook.net
14	3

This site contains links to these domains. Also see Links.

Domain
www.copyright.gov
www.wipo.int

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-12-17` - `2019-12-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://instagramasistance.com/
Frame ID: 50E6DB20CDA234731D389AAC0B0CD14A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

152 kB
Transfer

407 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.copyright.gov/
Title: The website of the World Intellectual Property Organization

Search URL Search Domain Scan URL

URL: http://www.wipo.int/directory/en/urls.jsp
Title: Directory of the World Intellectual Property Organization

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
instagramasistance.com/ 104 KB
27 KB 78ms
59ms Document
text/html 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6108dedff1580258d0eb04989e42b207209f143c78efb03bf54bfa101fb7c9f

Request headers

:method: GET
:authority: instagramasistance.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 17 Dec 2018 07:39:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341; expires=Tue, 17-Dec-19 07:39:01 GMT; path=/; domain=.instagramasistance.com; HttpOnly
vary: Accept-Encoding
x-cache: HIT from Backend
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48a7bbc96a04c2d8-FRA
content-encoding: br

GET
H2 200 1425767024389221 Show response
instagramasistance.com/login_files/ 41 KB
41 KB 16ms
16ms Script
text/plain 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/1425767024389221
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4d2c83946aa7982dee233b51b5210c6192a99e8e3715d2be2470c67869457

Request headers

:path: /login_files/1425767024389221
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
last-modified: Sun, 31 Dec 2017 12:15:42 GMT
server: cloudflare
etag: "a2bf-561a1d30c9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
status: 200
accept-ranges: bytes
cf-ray: 48a7bbc9cb08c2d8-FRA
content-length: 41663

GET
H2 200 fbevents.js.indir Show response
instagramasistance.com/login_files/ 34 KB
11 KB 23ms
22ms Script
application/javascript 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/fbevents.js.indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abe861caf51ab1391dbb25a2cc08c44009818a403a6ecbf47af715a1d85a247

Request headers

:path: /login_files/fbevents.js.indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2017 12:15:41 GMT
server: cloudflare
etag: W/"86be-561a1d2fd5540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
status: 200
cf-ray: 48a7bbc9cb0bc2d8-FRA

GET
H2 200 1425767024389221(1) Show response
instagramasistance.com/login_files/ 267 B
341 B 33ms
32ms Script
text/html 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/1425767024389221(1)
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f7ea6a516d11a81d8028d7bd638170b11dc5b8dc3209bcab0445bae3755800

Request headers

:path: /login_files/1425767024389221(1)
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
last-modified: Sun, 31 Dec 2017 12:15:42 GMT
server: cloudflare
etag: "10b-561a1d30c9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
status: 200
accept-ranges: bytes
cf-ray: 48a7bbc9eb40c2d8-FRA
content-length: 267

GET
H2 200 fbevents.js(1).indir Show response
instagramasistance.com/login_files/ 261 B
334 B 33ms
33ms Script
text/html 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/fbevents.js(1).indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c867518a192f73abfd3479e81dde4ffa58dffb7feb1666465edc2b84355ab5

Request headers

:path: /login_files/fbevents.js(1).indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
last-modified: Sun, 31 Dec 2017 12:15:41 GMT
server: cloudflare
etag: "105-561a1d2fd5540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
status: 200
accept-ranges: bytes
cf-ray: 48a7bbc9eb41c2d8-FRA
content-length: 261

GET
H2 200 vpaQNA.png
instagramasistance.com/login_files/ 15 KB
15 KB 11ms
11ms Image
image/png 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagramasistance.com/login_files/vpaQNA.png
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de8c2729ae5603e5a54ebdf8bb76187a8c30d6100b3855853c58eef222f1473

Request headers

:path: /login_files/vpaQNA.png
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
cf-cache-status: HIT
last-modified: Sun, 31 Dec 2017 12:15:40 GMT
server: cloudflare
etag: W/"3a77-561a1d2ee1300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: image/png
status: 200
cache-control: public, max-age=14400
cf-ray: 48a7bbc9eb42c2d8-FRA
expires: Mon, 17 Dec 2018 11:39:02 GMT

GET
H2 200 6514c5e08593.js.indir Show response
instagramasistance.com/login_files/ 265 B
239 B 53ms
51ms Script
application/javascript 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/6514c5e08593.js.indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51903e74e48f14bd68842fff5b75898a55dcb9db35fee09a810da9660948f5c7

Request headers

:path: /login_files/6514c5e08593.js.indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2017 12:15:42 GMT
server: cloudflare
etag: W/"109-561a1d30c9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
content-type: application/javascript
status: 200
cf-ray: 48a7bbc9eb3ac2d8-FRA

GET
H2 200 fc3c22cf2d67.js.indir Show response
instagramasistance.com/login_files/ 265 B
257 B 15ms
14ms Script
application/javascript 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/fc3c22cf2d67.js.indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3688a70679af56e3717822936a22aebb496634ce0cf91e90bc4b74dc31e74bb

Request headers

:path: /login_files/fc3c22cf2d67.js.indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2017 12:15:41 GMT
server: cloudflare
etag: W/"109-561a1d2fd5540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
content-type: application/javascript
status: 200
cf-ray: 48a7bbc9eb3cc2d8-FRA

GET
H2 200 f1abf980aaf5.js.indir Show response
instagramasistance.com/login_files/ 265 B
240 B 34ms
33ms Script
application/javascript 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/f1abf980aaf5.js.indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c460b16104bf5bef73d89030df6c3283d3c1a12b8fa7e615638ef8371b29c8

Request headers

:path: /login_files/f1abf980aaf5.js.indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
origin: https://instagramasistance.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://instagramasistance.com/
Origin: https://instagramasistance.com

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2017 12:15:42 GMT
server: cloudflare
etag: W/"109-561a1d30c9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
content-type: application/javascript
status: 200
cf-ray: 48a7bbc9eb3dc2d8-FRA

GET
H2 200 8d4b99281427.js.indir Show response
instagramasistance.com/login_files/ 265 B
256 B 32ms
32ms Script
application/javascript 2606:4700:30::6818:70f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramasistance.com/login_files/8d4b99281427.js.indir
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:70f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c205fea051bd3a831ca7ac63cf80eec7eb19588ab7a8615bad05b8f40008c9

Request headers

:path: /login_files/8d4b99281427.js.indir
pragma: no-cache
cookie: __cfduid=dcc07b8987d99eaf7870da3ecfd1c4e581545032341
origin: https://instagramasistance.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: instagramasistance.com
referer: https://instagramasistance.com/
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://instagramasistance.com/
Origin: https://instagramasistance.com

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2017 12:15:42 GMT
server: cloudflare
etag: W/"109-561a1d30c9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT from Backend
content-type: application/javascript
status: 200
cf-ray: 48a7bbc9eb3ec2d8-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: instagramasistance.com
URL: https://instagramasistance.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: CxO47+uNl8iX7LkH7BtiH3tduImNaj4xf718zPdDrcL9r1ml+GumDGd02Z0W5zSDol3qoVya5H4yr5QKyv+gAQ==
date: Mon, 17 Dec 2018 07:39:02 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1425767024389221 Show response
connect.facebook.net/signals/config/ 162 KB
42 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1425767024389221?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e393d129c1a548de311db1a171d7da1f02a3003160b84b879256f06080a942ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 42895
x-xss-protection: 0
pragma: public
x-fb-debug: HTjgiCZ+PShnvDCceo6z1Ro7447oQ9DCfxZZU5gfV56PoayrUoW/7OtKBDVSC7BjpVRqd7v8LE3Z8hrLAZWaPA==
date: Mon, 17 Dec 2018 07:39:02 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1425767024389221&ev=PageView&dl=https%3A%2F%2Finstagramasistance.com%2F&rl=&if=false&ts=1545032342154&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&it=1545032342128&coo=false
Requested by: Host: instagramasistance.com
URL: https://instagramasistance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Dec 2018 07:39:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1425767024389221&ev=Microdata&dl=https%3A%2F%2Finstagramasistance.com%2F&rl=&if=false&ts=1545032343657&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%5CnInstagram%5Cn%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&it=1545032342128&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://instagramasistance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 07:39:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Dec 2018 07:39:03 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.instagramasistance.com/	1970-01-19 05:56:08	Name: __cfduid Value: dcc07b8987d99eaf7870da3ecfd1c4e581545032341

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
instagramasistance.com
www.facebook.com
2606:4700:30::6818:70f4
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2abe861caf51ab1391dbb25a2cc08c44009818a403a6ecbf47af715a1d85a247
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
51903e74e48f14bd68842fff5b75898a55dcb9db35fee09a810da9660948f5c7
52c460b16104bf5bef73d89030df6c3283d3c1a12b8fa7e615638ef8371b29c8
86f7ea6a516d11a81d8028d7bd638170b11dc5b8dc3209bcab0445bae3755800
9de8c2729ae5603e5a54ebdf8bb76187a8c30d6100b3855853c58eef222f1473
a4c205fea051bd3a831ca7ac63cf80eec7eb19588ab7a8615bad05b8f40008c9
a6108dedff1580258d0eb04989e42b207209f143c78efb03bf54bfa101fb7c9f
d3688a70679af56e3717822936a22aebb496634ce0cf91e90bc4b74dc31e74bb
e393d129c1a548de311db1a171d7da1f02a3003160b84b879256f06080a942ff
e5e4d2c83946aa7982dee233b51b5210c6192a99e8e3715d2be2470c67869457
e8c867518a192f73abfd3479e81dde4ffa58dffb7feb1666465edc2b84355ab5

instagramasistance.com Open in urlscan Pro 2606:4700:30::6818:70f4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

152 kBTransfer

407 kBSize

1 Cookies

2 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

instagramasistance.com Open in urlscan Pro
2606:4700:30::6818:70f4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

152 kB
Transfer

407 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!