https://www.instagram.com/kalim_shkk?igsh=dzJxeTg1Yjc2aXNr
57.144.74.34 · Meta Platforms Ireland Limited
Ashburn, United States
8034 days
200 · 25.9s
Valid· DigiCert Global G2 TLS RSA SHA256 2020 CA1, DigiCert Inc, US
COMPLETED
Domain Intelligence: instagram.com
Scanned 4 times since Mar 13, 2026, 03:04 PM UTC
Registered-domain escalation
Submit instagram.com as the primary IOC, enriched with evidence from hostile subdomains like www.instagram.com.
No KB/IOK detections were recorded for this scan.
Technology · 7/19/2026
The page is hosted on the official Instagram domain (www.instagram.com) and shows an Instagram profile. The screenshot indicates a modal prompting sign-up/login with Instagram branding, not an impersonation. However, the scan evidence reveals extensive API and AJAX activity to Instagram endpoints, which is typical of the real service. No definitive credential harvesting form or phishing UI is observed in the static HTML screenshot provided, and the domain appears legitimate with valid DigiCert certificates and an aged domain. Given the evidence, this appears to be first-party Instagram content rather than impersonation, though the presence of a sign-up modal could be leveraged in abuse scenarios if misused on a clone page, which is not demonstrated here.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 1
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 54
Hosts: 4
Domains: 3
Suspicious Endpoints
hxxps://www[.]instagram[.]com/api/graphql
hxxps://www[.]instagram[.]com/api/v1/users/web_profile_info/?username=kalim_shkk
hxxps://www[.]instagram[.]com/api/v1/web/get_ruling_for_content/?content_type=PROFILE&target_id=74843059294
hxxps://www[.]instagram[.]com/kalim_shkk?igsh=dzJxeTg1Yjc2aXNr
No suspicious indicators identified
The scan did not identify phishing indicators such as a credential collection form targeting users or a clone domain impersonating a separate brand. The page appears to be the legitimate Instagram profile interface loaded in a standard browser context, with mixed API interactions typical of a real service. Monitor for unusual behavior such as off-domain credential harvests or unexpected brand impersonation signals, but current evidence supports a first-party Instagram page with normal user onboarding modal elements. Recommend continued observation for any signs of misuse or impersonation on a different domain or cloned page.
Monitor