indexo.dev

pictame.com

.com crawl

First seen 2026-05-20 · Last seen 2026-05-30 · ok HTTP/1.1 200 433 ms crawled 2026-05-27

US · 104.26.5.24 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Pictame - Instagram Anonymous Viewer & Downloader
Description
Browse Instagram profiles, stories, and reels anonymously. Download content, analyze engagement rates, and explore trending posts. No login required. private and free.
Language
en
Canonical
https://pictame.com/en
Translations
  • ar
  • de
  • en
  • es
  • fr
  • it
  • ja
  • pt
  • ru
  • tr

Open Graph

title
Pictame - Instagram Anonymous Viewer & Downloader
locale
en
site name
Pictame
description
Browse Instagram profiles, stories, and reels anonymously. Download content, analyze engagement rates, and explore trending posts. No login required. private and free.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights
  • Google Tag Manager

Third-party hosts loaded (5)

  • images.unsplash.com×12
  • live.demand.supply×2
  • www.googletagmanager.com×2
  • static.cloudflareinsights.com×1
  • ui-avatars.com×1

Social

Contact

Email

Registration

Registrar
NameCheap, Inc.
Created
2017-05-29
Expires
2027-05-29 362 days left
Updated
2026-01-18
Name servers
  • adel.ns.cloudflare.com
  • rajeev.ns.cloudflare.com

DNS records live

NS
  • adel.ns.cloudflare.com
  • rajeev.ns.cloudflare.com
MX
  • 10 mx.yandex.net
Verified for
  • Google
  • Pinterest
  • Yandex

Email authentication weak

SPF
v=spf1 redirect=_spf.yandex.net
missing all
DMARC
not published
DKIM
  • mail: v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0eQXZescdkNNzeaiuE4NkRAaWqrTPTkL9GLMryiINTUQiT9dy8JykdosevtyqIQt9tNTGw4z3xNPrB…
selectors probed

Certificate (current)

WE1
from 2026-05-16 to 2026-08-14
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://pictame.com/en

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=(), microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' https:; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: blob: https: http:; media-src 'self' blob: https:; connect-src 'self' https:; frame-src 'self' https:; frame-ancestors 'self' https://*.pinterest.com;

Links to (6)

Linked from (2)