# instasupport-nine.vercel.app — MALICIOUS

> instasupport-nine.vercel.app is a dangerous phishing site. Avoid interaction and never share personal info. Stay safe by steering clear of this offline domain.

## Summary
PhishDestroy identifies instasupport-nine.vercel.app as a high-risk phishing domain impersonating Instagram. This threat is significant because it aims to deceive users into divulging sensitive credentials or personal data, potentially leading to account compromise or identity theft. Phishing campaigns like this exploit user trust in popular platforms, making awareness and caution critical for online safety.

The domain was registered on March 6, 2026, through Vercel Inc. and resolved to IP address 64.29.17.131. It appeared on one security blocklist and was flagged by 21 of 95 VirusTotal security vendors, confirming its malicious nature. Currently, the domain is offline, likely taken down due to its fraudulent activity, reducing immediate risk. However, similar domains may emerge, so ongoing vigilance is necessary.

Users should avoid accessing or interacting with instasupport-nine.vercel.app, especially refraining from entering any login or personal information. If users suspect they have submitted data to this or related domains, they should immediately change their passwords and enable two-factor authentication on their accounts. Staying informed about phishing tactics and verifying URLs before clicking are essential steps to protect oneself from such cyber threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP ?)
- Page title: Instagram

## Domain Intelligence
- Registered: 2026-03-06 13:07:01
- Registrar: Vercel Inc.
- Country: US
- IP: 64.29.17.131
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WR1

## Detection Status
- VirusTotal: 21 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Mimecast", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "URLQuery", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/hr1vdkP/3ea7f40a56dc.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/instasupport-nine.vercel.app
- Wayback Machine: https://web.archive.org/web/https://instasupport-nine.vercel.app
- PhishDestroy: https://phishdestroy.io/domain/instasupport-nine.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/instasupport-nine.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/instasupport-nine.vercel.app/
Last updated: 2026-03-19