Summary
A Concise Overview of the scan result of url https://www.instagram.com/yu01kr.off?igsh=mxnpmdv0dmm5b2ewyq==
- Document
- HTML
- 1
- StyleSheets
- 3
- Scripts
- 7
- Font
- 0
- Images
- 1
- Links
- 0
- JavaScript Variables
- 31
- Console log messages
- 0
- Network
- Requests
- 12
- Bytes Transferred
- 124.1KB
- Bytes Total
- 585.55KB
- DNS Record
- CNAME Record
- 2
- A Record
- 1
- AAAA Record
- 1
- Technology
- Security
- 1
- Miscellaneous
- 1
Document
Links
The outgoing links identified from the page.
| Link | Text |
|---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
| Name | Description | Detected patterns |
|---|---|---|
| Security | ||
| HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
| Miscellaneous | ||
HTTP/3 | HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web. | Type: headers Name: alt-svc Regex: h3 |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 1 msGood
- requestTime
- 63 msGood
- dom
- 273 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
| Type | Name | Content | DNSSEC |
|---|---|---|---|
| CNAME | www.instagram.com | z-p42-instagram.c10r.instagram.com. | no |
| A | z-p42-instagram.c10r.instagram.com | 57.144.254.34 | no |
| CNAME | www.instagram.com | z-p42-instagram.c10r.instagram.com. | no |
| AAAA | z-p42-instagram.c10r.instagram.com | 2a03:2880:f27b:e1:face:b00c:0:4420 | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
| Subject | Issue date | Expiry date | Valid |
|---|---|---|---|
www.instagram.com | 7/13/2026 | 7/14/2027 | 1 year 1 day |
static.cdninstagram.com | 7/13/2026 | 7/14/2027 | 1 year 1 day |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
| Name | Value |
|---|---|
| Alt-Svc | h3=":443"; ma=86400 |
| Cache-Control | private, no-cache, no-store, must-revalidate |
| Connection | keep-alive |
| Content-Encoding | zstd |
| Content-Type | text/html; charset="utf-8" |
| Date | Tue, 14 Jul 2026 20:01:50 GMT |
| Expires | Sat, 01 Jan 2000 00:00:00 GMT |
| Pragma | no-cache |
| Strict-Transport-Security | max-age=31536000; preload; includeSubDomains |
| Transfer-Encoding | chunked |
| Vary | Accept-Encoding |
| X-Content-Type-Options | nosniff |
| X-FB-Connection-Quality | EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1368, tbw=3717, tp=-1, tpl=-1, uplat=130, ullat=0 |
| X-FB-Debug | EPNqP3brh8ilay138NZErl6GqT6dUJV1JMl4Ol2cCjYcv4Llqpj+5cBN1lD52rqat4FG6StG3kSILwTsAUsZrA== |
| X-Frame-Options | DENY |
| X-XSS-Protection | 0 |
| accept-ch | viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model |
| accept-ch-lifetime | 4838400 |
| content-security-policy | default-src *.facebook.com *.fbcdn.net *.instagram.com blob:;script-src *.instagram.com static.cdninstagram.com z-p42-static.cdninstagram.com https://instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com blob: *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-3cJgGLQZ' 'self' 'wasm-unsafe-eval' https://*.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src *.instagram.com static.cdninstagram.com z-p42-static.cdninstagram.com https://*.www.instagram.com data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com https://accounts.google.com;connect-src *.instagram.com wss://edge-chat.instagram.com connect.facebook.net https://instagram.com https://*.www.instagram.com https://*.graph.instagram.com https://*.i.instagram.com https://*.od.instagram.com https://i.threads.net https://i.threads.com https://*.od.threads.net https://*.od.threads.com wss://www.instagram.com blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* *.cdninstagram.com wss://*.instagram.com:* 'self' *.ipification.com https://accounts.google.com;font-src *.instagram.com static.cdninstagram.com z-p42-static.cdninstagram.com data: *.fbcdn.net *.intern.facebook.com *.facebook.com https://*.cdninstagram.com https://fonts.gstatic.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: *.cdninstagram.com *.whatsapp.net blob: https://*.threads.net https://*.threads.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.giphy.com *.tenor.co *.tenor.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk https://www.gstatic.com https://*.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.fbsbx.com data: blob: https://*.giphy.com *.tenor.co *.tenor.com;child-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;frame-src https://instagram.com https://connect.facebook.net *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: *.ipification.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;manifest-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;object-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;block-all-mixed-content;upgrade-insecure-requests; |
| cross-origin-opener-policy | same-origin-allow-popups |
| document-policy | include-js-call-stacks-in-crash-reports |
| origin-agent-cluster | ?1 |
| report-to | {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown&brsid=7662476391820559668&cpp=C3&cv=1043132952&st=1784059310749"}]} |
| reporting-endpoints | coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown&brsid=7662476391820559668&cpp=C3&cv=1043132952&st=1784059310749" |
| x-stack | www |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
| Name | Value |
|---|---|
| default-src | *.facebook.com*.fbcdn.net*.instagram.comblob:;script-src*.instagram.comstatic.cdninstagram.comz-p42-static.cdninstagram.comhttps://instagram.comhttps://*.www.instagram.comhttps://*.cdninstagram.comwss://www.instagram.comblob:*.facebook.com*.fbcdn.net*.facebook.net127.0.0.1:*'nonce-3cJgGLQZ''self''wasm-unsafe-eval'https://*.google-analytics.comhttps://translate.google.comhttps://apis.google.comhttps://accounts.google.com;style-src*.instagram.comstatic.cdninstagram.comz-p42-static.cdninstagram.comhttps://*.www.instagram.comdata:blob:'unsafe-inline'*.fbcdn.net*.facebook.comhttps://accounts.google.com;connect-src*.instagram.comwss://edge-chat.instagram.comconnect.facebook.nethttps://instagram.comhttps://*.www.instagram.comhttps://*.graph.instagram.comhttps://*.i.instagram.comhttps://*.od.instagram.comhttps://i.threads.nethttps://i.threads.comhttps://*.od.threads.nethttps://*.od.threads.comwss://www.instagram.comblob:*.facebook.comfacebook.com*.fbcdn.net*.facebook.netwss://*.facebook.com:*ws://localhost:**.cdninstagram.comwss://*.instagram.com:*'self'*.ipification.comhttps://accounts.google.com;font-src*.instagram.comstatic.cdninstagram.comz-p42-static.cdninstagram.comdata:*.fbcdn.net*.intern.facebook.com*.facebook.comhttps://*.cdninstagram.comhttps://fonts.gstatic.com;img-src*.instagram.com*.facebook.com*.fbcdn.netdata:*.cdninstagram.com*.whatsapp.netblob:https://*.threads.nethttps://*.threads.com*.fbsbx.comandroid-webview-video-poster:*.oculuscdn.com*.giphy.com*.tenor.co*.tenor.comwww.googleadservices.com*.doubleclick.net*.google.com*.google.co.ukhttps://www.gstatic.comhttps://*.google-analytics.com;media-src*.facebook.com*.fbcdn.net*.instagram.com*.cdninstagram.com*.fbsbx.comdata:blob:https://*.giphy.com*.tenor.co*.tenor.com;child-src*.facebook.com*.fbcdn.net*.instagram.comdata:blob:;frame-srchttps://instagram.comhttps://connect.facebook.net*.instagram.com*.facebook.com*.fbsbx.comfbsbx.comdata:*.ipification.comwww.googleadservices.com*.doubleclick.net*.google.com*.google.co.uk;manifest-src*.facebook.com*.fbcdn.net*.instagram.comdata:blob:;object-src*.facebook.com*.fbcdn.net*.instagram.comdata:blob:;block-all-mixed-content;upgrade-insecure-requests |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
| Name | Value | Domain/Path | Expires | Secure | HTTP Only |
|---|---|---|---|---|---|
| csrftoken | [csrftoken redacted] | .instagram.com/ | 8/18/2027, 8:01:50 PM | yes | no |
| datr | rpVWajCaj9oIDnnimc0be3OE | .instagram.com/ | 8/18/2027, 8:01:50 PM | yes | yes |
| ig_did | C39969E4-6CD8-4811-BB79-9B24C49A9EC4 | .instagram.com/ | 7/14/2027, 8:01:50 PM | yes | yes |
| mid | alaVrgALAAFBuFuU3AwMvfb2w75b | .instagram.com/ | 8/18/2027, 8:01:50 PM | yes | yes |