0/100

low Risk

www.instagram.com

https://www.instagram.com/_yuvraj_jadam_/

31.13.66.174 · Meta Platforms Ireland Limited

Location

Ashburn, United States

Domain Age

8011 days

HTTP

200 · 24.7s

SSL

Valid· DigiCert Global G2 TLS RSA SHA256 2020 CA1, DigiCert Inc, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "🔰𝐉𝐀𝐃𝐀𝐌 𝐒𝐀𝐇𝐀𝐁🔰 (@_yuvraj_jadam_) • Instagram photos and videos"

Save

Domain Intelligence: instagram.com

Scanned 2 times since Mar 13, 2026, 03:04 PM UTC

✓ Clean (0)

Registered-domain escalation

Submit instagram.com as the primary IOC, enriched with evidence from hostile subdomains like www.instagram.com.

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Instagram

Unknown

Technology · 6/3/2026

Summary

The scan targets an Instagram user page (https://www.instagram.com/_yuvraj_jadam_/). The page appears to be the legitimate Instagram profile UI rather than a phishing login page, with valid Instagram branding and content hosted on official domains. No credential harvesting form is observed in the static HTML, and the page shows typical Instagram feed endpoints and scripts. There is no clear impersonation of a different brand; the branding aligns with Instagram, and the domain resolves to Instagram infrastructure. Given the evidence, there is no substantiated phishing or impersonation present in the captured data, though the page loads numerous external Instagram assets and makes multiple API calls as part of normal operation.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸POST targets observed during capture: https://www.instagram.com/ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=22448, https://www.instagram.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__crn=comet.igweb.PolarisProfileRoute&__d=www&__hs=20585.HYP%3Ainstagram_web_pkg.2.1...0&__hsi=7638893910852346968&__req=3&__rev=1039300966&__s=61pb38%3Abcg63w%3Axyry2b&__spin_b=trunk&__spin_r=1039300966&__spin_t=1778568586&__user=0&dpr=1&jazoest=22448&lsd=AdRrdwtNsynwf9HUyBXNIaWQDN8&ph=C3, https://www.instagram.com/api/graphql.

▸Distinctive asset clues: qm, xjkD6ipJHHA.js, MVZJxz1G49Y_jJK90a39bx87uof4KxMhSPvJg89IT9OsT0QyApb4vzQ3SMzIzQoImkU27qY87dge1fgQe914iiBfONMKn3YhINqU49pVNahkCk6uXXML-dVP5QvuWABIjhhRs97xFZK--hBruhBENOpKm_.css, BPT7EIg0zKw.css, 671663109_17915445027359498_4420043866115943358_n.jpg.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 1

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 50

Hosts: 4

Domains: 3

Suspicious Endpoints

hxxps://www[.]instagram[.]com/api/graphql

hxxps://www[.]instagram[.]com/api/v1/users/web_profile_info/?username=_yuvraj_jadam_

hxxps://www[.]instagram[.]com/api/v1/web/get_ruling_for_content/?content_type=PROFILE&target_id=70753239497

hxxps://www[.]instagram[.]com/_yuvraj_jadam_/

Observed Signals (1)

No visible credential capture form in static HTML; forms present are not configured for login capture.

Observed Indicators (1)

▸No login form or password field detected in static HTML; credential signals are absent in the initial DOM.

Risk AssessmentUsed in abuse reports

The domain and content points to a standard Instagram profile page, not an impersonation of a different brand. The page loads official Instagram assets and makes normal API calls; there is no evidence of a credential harvesting form or impersonated branding in the captured HTML. The presence of heavy script loading and multiple API endpoints is consistent with a legitimate social media profile page rather than a phishing page. Monitor for any future changes or off-domain branding, but current evidence does not indicate abuse beyond standard profile viewing. If additional context reveals deceptive overlays or alternate domain usage, reassess.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence