urlscan.io logo urlscan.io
SecurityTrails logo

instadis.s3-website.ap-south-1.amazonaws.com Open in urlscan Pro
16.12.40.16  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://instadis.s3-website.ap-south-1.amazonaws.com/
Submission: On January 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 16.12.40.16, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is instadis.s3-website.ap-south-1.amazonaws.com.
This is the only time instadis.s3-website.ap-south-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

IP Address AS Autonomous System
2 16.12.40.16 16509 (AMAZON-02)
1 2620:0:861:ed... 14907 (WIKIMEDIA)
2 2a03:2880:f21... 32934 (FACEBOOK)
5 3
Apex Domain
Subdomains		 Transfer
2 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1821
13 KB
2 amazonaws.com
instadis.s3-website.ap-south-1.amazonaws.com
12 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3814
32 KB
5 3
Domain Requested by
2 www.instagram.com instadis.s3-website.ap-south-1.amazonaws.com
2 instadis.s3-website.ap-south-1.amazonaws.com instadis.s3-website.ap-south-1.amazonaws.com
1 upload.wikimedia.org instadis.s3-website.ap-south-1.amazonaws.com
5 3

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
itunes.apple.com
play.google.com
about.instagram.com
help.instagram.com
Subject Issuer Validity Valid
*.wikipedia.org
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://instadis.s3-website.ap-south-1.amazonaws.com/
Frame ID: 92EF5FF1A633050F9850145B6F4CDB6C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Instagram

Page Statistics

5
Requests

60 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

57 kB
Transfer

56 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
instadis.s3-website.ap-south-1.amazonaws.com/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://instadis.s3-website.ap-south-1.amazonaws.com/
Protocol
HTTP/1.1
Server
16.12.40.16 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5767785b9fa8ea1e22e893a84d0841b20105f1be5394bf1396d6ba88321d63fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
4980
Content-Type
text/html
Date
Tue, 02 Jan 2024 09:24:51 GMT
ETag
"41550a642d8532f0b4ed729f1244788a"
Last-Modified
Tue, 13 Jun 2023 02:00:33 GMT
Server
AmazonS3
x-amz-id-2
CATnflyfm+BcckZrNloMDKuQKopvk5QBt/9Uy6Rcf6e5hyngw7Gx+/XP/8u3Ttpe1em3QxDRksc=
x-amz-request-id
SSQGQ01PMPHH52ZJ
css.css
instadis.s3-website.ap-south-1.amazonaws.com/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://instadis.s3-website.ap-south-1.amazonaws.com/css.css
Requested by
Host: instadis.s3-website.ap-south-1.amazonaws.com
URL: http://instadis.s3-website.ap-south-1.amazonaws.com/
Protocol
HTTP/1.1
Server
16.12.40.16 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4811617781cf8c91217c5cadcb25ea7c67a62b8a19c1222a71e41b0169c818c1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://instadis.s3-website.ap-south-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 09:24:51 GMT
Last-Modified
Tue, 13 Jun 2023 02:00:32 GMT
Server
AmazonS3
x-amz-request-id
SSQM9Z0VD1Z4CPNR
ETag
"43e3843e6ebaf2768879113ce98959bf"
Content-Type
text/css
Content-Length
6522
x-amz-id-2
F0u1NFKVy39Hd1eIGan2mEsoEjKWVW/cQBE68xItnP7U+JNu+sCI0BJfbUdbPHAlJAscjxv4xoo=
1200px-Instagram_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/2/2a/Instagram_logo.svg/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/2a/Instagram_logo.svg/1200px-Instagram_logo.svg.png
Requested by
Host: instadis.s3-website.ap-south-1.amazonaws.com
URL: http://instadis.s3-website.ap-south-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:861:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
d395c70ea9084bcdc2b176cb09936ca554d7742af04105c5430e1ae9985a2c0e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://instadis.s3-website.ap-south-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:17:34 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
83235
x-cache-status
hit-front
x-cache
cp1107 hit, cp1107 hit/25
content-disposition
inline;filename*=UTF-8''Instagram_logo.svg.png
server-timing
cache;desc="hit-front", host;desc="cp1107"
content-length
31548
x-client-ip
2001:550:1d05:1::11
last-modified
Mon, 06 Feb 2023 20:09:44 GMT
server
ATS/9.1.4
etag
0c1c40ecaf67b948aedc0b7bc440dd26
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
4b70f6fae447.png
www.instagram.com/static/images/appstore-install-badges/badge_ios_english-en.png/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/images/appstore-install-badges/badge_ios_english-en.png/4b70f6fae447.png
Requested by
Host: instadis.s3-website.ap-south-1.amazonaws.com
URL: http://instadis.s3-website.ap-south-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:1e4:face:b00c:0:4420 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://instadis.s3-website.ap-south-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:58:14 GMT
content-encoding
br
etag
"4b70f6fae447"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
3522
f06b908907d5.png
www.instagram.com/static/images/appstore-install-badges/badge_android_english-en.png/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/images/appstore-install-badges/badge_android_english-en.png/f06b908907d5.png
Requested by
Host: instadis.s3-website.ap-south-1.amazonaws.com
URL: http://instadis.s3-website.ap-south-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:1e4:face:b00c:0:4420 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://instadis.s3-website.ap-south-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:40:23 GMT
content-encoding
br
etag
"f06b908907d5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
9800

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| la function| sendMessage

0 Cookies