https://www.instagram.com/dadyless_chulli?igsh=MTJqeTBrMzFqM3c3bg==
31.13.66.174 · Facebook, Inc
Ashburn, United States
8046 days
200 · 23.2s
Valid· DigiCert Global G2 TLS RSA SHA256 2020 CA1, DigiCert Inc, US
COMPLETED
Domain Intelligence: instagram.com
Scanned 4 times since Mar 13, 2026, 03:04 PM UTC
Registered-domain escalation
Submit instagram.com as the primary IOC, enriched with evidence from hostile subdomains like www.instagram.com.
No KB/IOK detections were recorded for this scan.
Social Media · 7/19/2026
The page presents Instagram branding and content on the domain www.instagram.com with an official-looking UI. The screenshot shows a modal-like UI that resembles legitimate Instagram sign-up prompts. However, the URL points to an Instagram profile (dadyless_chulli) and the content appears to be the authentic Instagram surface rather than a credential-grabbing impersonation. The presence of numerous legitimate Instagram endpoints in the network log and the valid DigiCert certificate for *.www.instagram.com further support first-party behavior. No explicit credential harvesting form was found in the static HTML, and the observed login-related assets appear to be part of the standard Instagram frontend. Given the evidence, this aligns with first-party Instagram content rather than a phishing impersonation at this time.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 1
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 51
Hosts: 4
Domains: 4
Suspicious Endpoints
hxxps://www[.]instagram[.]com/api/graphql
hxxps://www[.]instagram[.]com/api/v1/users/web_profile_info/?username=dadyless_chulli
hxxps://www[.]instagram[.]com/api/v1/web/get_ruling_for_content/?content_type=PROFILE&target_id=30332992516
hxxps://www[.]instagram[.]com/api/v1/discover/ayml/
hxxps://www[.]instagram[.]com/accounts/login/?next=/api/v1/discover/ayml/
hxxps://www[.]instagram[.]com/dadyless_chulli?igsh=MTJqeTBrMzFqM3c3bg%3D%3D
The scan indicates the page is served by Instagram itself with legitimate branding and network activity to Instagram APIs. No definitive credential collection form or data exfiltration target was observed in the static HTML; the modal UI appears to be part of the legitimate Instagram onboarding or profile viewing experience rather than a credential phishing page. While the screenshot shows a sign-up modal, it is consistent with standard Instagram UX on the official domain. Monitor for anomalous redirects or off-domain assets in future scans, but current evidence does not confirm phishing or abuse beyond normal social-media platform behavior.
Monitor