urlscan.io logo urlscan.io
SecurityTrails logo

api.whatsapp.com Open in urlscan Pro
2a03:2880:f227:2c5:face:b00c:0:167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dev.govcreative.com/o.php?baynsb9a
Effective URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoek...
Submission: On September 15 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a03:2880:f227:2c5:face:b00c:0:167, located in Chicago, United States and belongs to FACEBOOK, US. The main domain is api.whatsapp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 25th 2021. Valid for: 3 months.
This is the only time api.whatsapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.100.46 26496 (AS-26496-...)
1 1 2a03:2880:f23... 32934 (FACEBOOK)
2 2a03:2880:f22... 32934 (FACEBOOK)
12 2a03:2880:f03... 32934 (FACEBOOK)
14 2
Apex Domain
Subdomains		 Transfer
12 fbcdn.net
static.xx.fbcdn.net
183 KB
2 whatsapp.com
api.whatsapp.com
35 KB
1 wa.me
wa.me
873 B
1 govcreative.com
dev.govcreative.com
470 B
14 4
Domain Requested by
12 static.xx.fbcdn.net api.whatsapp.com
static.xx.fbcdn.net
2 api.whatsapp.com static.xx.fbcdn.net
1 wa.me 1 redirects
1 dev.govcreative.com 1 redirects
14 4
Subject Issuer Validity Valid
*.whatsapp.net
DigiCert SHA2 High Assurance Server CA		 2021-06-25 -
2021-09-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Frame ID: 76626606ADEA88C65721918096BC96AC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Seite nicht gefunden

Page URL History Show full URLs

  1. http://dev.govcreative.com/o.php?baynsb9a HTTP 301
    https://wa.me/baiuryr/?xuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.... HTTP 302
    https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozh... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

218 kB
Transfer

928 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dev.govcreative.com/o.php?baynsb9a HTTP 301
    https://wa.me/baiuryr/?xuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx HTTP 302
    https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api.whatsapp.com/resolve/
Redirect Chain
  • http://dev.govcreative.com/o.php?baynsb9a
  • https://wa.me/baiuryr/?xuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
  • https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
154 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f227:2c5:face:b00c:0:167 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d3851ab19d05f70e737a05572c0baede78db3d25c5efb5c3358cc3bf05ff16d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
api.whatsapp.com
:scheme
https
:path
/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
text/html; charset="utf-8"
x-fb-debug
tuftio7F9q1BTSsiEHXR8bX05tOBNyNeOTt2dL9decjuEB9v7xFthe+rkcN8VVRqm5InDmRNDgVgkn9iUsvlOA==
priority
u=3,i
x-fb-trip-id
1679558926
date
Wed, 15 Sep 2021 07:09:55 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location
https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src 'self' 'unsafe-inline' data: blob: https://*.wa.me https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
text/html; charset="utf-8"
x-fb-debug
N8WsBVT6/92iCBV0D5LCfanhsQf4xTf/8JINK5fuxW7Ax2FY+YDO8Nmw55aoqF0qhDBsbsNaAsWqo1hvGu2ydw==
content-length
0
priority
u=3,i
x-fb-trip-id
1679558926
date
Wed, 15 Sep 2021 07:09:50 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
2pHP5xrv6KN.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/2pHP5xrv6KN.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b980336ae6233c5b062fbc04d7112da80a6e3228b6489db13916e39c5106dedf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3OzNsfaCpGEIjp3wejfhlQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1506
x-fb-rlafr
0
x-fb-debug
Y65iuCxA5eR7uGRwpCQeZUkN04irqggRskcG9aD5iAGhEMWvGXsQEqUKZVy3pCKJEDH+MOYj1U/HAhEqAkpAqQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 07 Sep 2022 16:26:12 GMT
SISFTiWCUXZ.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ 		221 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/SISFTiWCUXZ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef6baaa9fb4c5e0aeb28e7d36d83804d072ed157077bd2c8428be901cb37353c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KSidEF3ThwXAAriK6NddUA==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25522
x-fb-rlafr
0
x-fb-debug
pKGKGaxgSXX92Jkt6R6wH5zzm2MaciFtwUNDZcRyKM23YW5HqIc6jlcfPM8M81yMtyNW4/jgjuGX/OTYRpProg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 12 Sep 2022 18:03:54 GMT
cYT2yRjGEwA.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/cYT2yRjGEwA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3928eb1e32abbda9208de6470498336922a28beed85ab46d34e9fe2a1b646cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zGo3XW3GDZxlE9VWbibcmw==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5250
x-fb-rlafr
0
x-fb-debug
oMoPXyo/HRgQRW3reFYCNkORZ1aEYqyqfhoo0qoSiXX1vVVbdsDTGu3NVWdEQ1p8GuyjUp2ypWw/uDwctRZd7g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 14 Sep 2022 19:00:21 GMT
28bZN702Ikw.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ 		745 B
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/28bZN702Ikw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ee108ce2fd052caa06a711abe8287fb29e0022e482a646ebca7d18727cc56a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hGa8h1R3nwGG/FmFVUILMA==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
272
x-fb-rlafr
0
x-fb-debug
BAmjW/KoaZx68L6B5tV5HMqN8uvwqd6FuVHSJgm85BASg1obz7F/slKuFyUI2f2qy2gvr7hlP4XViIXkv2UeAw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Sep 2022 13:41:01 GMT
qD6b6wGpOQK.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ 		300 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b421e226380226026a5612c9009500667fc3d514bd1b46f35035b2946a93a564
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bh7s4BMGgKIwrLUHtpvhQw==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
83199
x-fb-rlafr
0
x-fb-debug
DgTo8Oj3ZscQosI+1yG7NvrOBcQSizGbTgSjlm9+YnIXb7nu0hGlJNdGtobB3nzx/TRo2gV46BPMFcg+xkdJwQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Sep 2022 19:53:35 GMT
36B424nhiL4.svg
static.xx.fbcdn.net/rsrc.php/ym/r/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/ym/r/36B424nhiL4.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
content-md5
4iKO8q+In3Sl/CFIcSZsgA==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
3307
x-xss-protection
0
x-fb-debug
j2Q80H73jyeiFXcUh8oxz0rLVigWYJYJG5ctzTNcU+3z34CwNErM2IBuo4vuCRRX+VBINHBOaGhhECmWfA+q0g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
date
Wed, 15 Sep 2021 07:10:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-rlafr
0
timing-allow-origin
*
priority
u=3,i
expires
Wed, 07 Sep 2022 13:41:05 GMT
lOol7j-zq4u.svg
static.xx.fbcdn.net/rsrc.php/yz/r/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/yz/r/lOol7j-zq4u.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
content-md5
vQiA34i6I9zhuN5oMyk4pQ==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1145
x-xss-protection
0
x-fb-debug
71JAeWJCGw54Kcp7CDlz/dumQF7TLtABfW474y0h7udewt4au4OaZ1wPpltPL/CxTxFNJD016cfqbXY2RZNxJQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
date
Wed, 15 Sep 2021 07:10:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-rlafr
0
timing-allow-origin
*
priority
u=3,i
expires
Mon, 12 Sep 2022 09:55:15 GMT
MvYCV-TsFYO.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/MvYCV-TsFYO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c115826945f56b27f3a913ce46892d6ff0c3b128411e3e60f64ff6c79b524eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tflP03jmXelcgk/kZscNwQ==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
17570
x-fb-rlafr
0
x-fb-debug
7vRH2y2eUyqdu8HQKivaztaqARd/KTG3Zzpv84Xnh1PGh0NR+drO1uK/zWEhoDj2C85dZ0WoBGWppros0Eyfvw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 14 Sep 2022 19:00:22 GMT
ks44nuj1dGU.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/yK/l/de_DE/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yK/l/de_DE/ks44nuj1dGU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6b83111fef743de906e00497228f5a99ed3a3c926e21b195e7dcc1fb9eede6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bU17b0wZE/Dzb/iFdrO/Xw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
19189
x-fb-rlafr
0
x-fb-debug
63cluPNRKWgSTFdoQBPTidYDV/3BQ+xxT6gFe3EqUH1ax9sH+ccKKHWm1DbMXZagBFzK2JfICjMoa6QbkfqJrw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 15 Sep 2022 03:49:53 GMT
ioxK2Ojkb1E.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/ioxK2Ojkb1E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b64a5b128eda6b44c3703ad43fd34789d7e2f460953c5c862418bce96aecaa7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zEQWCgC/jgu2oSpjJY1/7g==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2088
x-fb-rlafr
0
x-fb-debug
S+tb9Y6M34haPiIvmyi/iTp92t7PRCv8nEKnnE5B75t9sR9NPkHUSx6iQnj0b6Ino905tlMjs5RfwIIB937fFA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Sep 2022 18:18:40 GMT
vHuJXqVF014.js
static.xx.fbcdn.net/rsrc.php/v3i2UN4/yK/l/de_DE/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2UN4/yK/l/de_DE/vHuJXqVF014.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
beae5da746df48fba24903fcc3421d24336f552eb48fa237e435ef430e9ed311
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
s49BHzilHAJKVZ/2EQuIbA==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
21492
x-fb-rlafr
0
x-fb-debug
TkD3W88kArA0cpH1A4hC0prb1LjdbQ9aQI2HDevVV/j77orlUDZ7FPbPhoScioDRwhhTDtAMWuOhW5X/b4TWOw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 12 Sep 2022 19:05:31 GMT
cN-N4Eu_deZ.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/qD6b6wGpOQK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XkHzn1WHKMxOAJmWI3FJ7A==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2277
x-fb-rlafr
0
x-fb-debug
W5i1Z150xEb6rE+au+25ZN8Fx5/r6pEIhHvQrSSrjJeYKQ8FHfpboHw8po54dV8le95PVHNL18tKZy5zOupB7A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 01 Sep 2022 17:27:00 GMT
bz
api.whatsapp.com/ajax/ 		0
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__csr=&__dyn=7wKBwjbg7ebwKBWo5O12wAxu13w8CewSwMxW0SUhw5cx60Vo1upE4W0OE2Wwce0yE1Vrzo5-0me220qu0SU2swdq0Ho2ew2MoG0hi&__hs=18885.PHASED%3Awhatsapp_www_pkg.2.0.0.0.0&__hsi=7008054307624922816-0&__req=1&__rev=1004397290&__s=%3A%3Arhusmo&__user=0&dpr=1&jazoest=21845&lsd=jXfH5Za1fy7ODoYJ-rJtFF
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i2UN4/yK/l/de_DE/vHuJXqVF014.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f227:2c5:face:b00c:0:167 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
origin
https://api.whatsapp.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
content-length
1847
:path
/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__csr=&__dyn=7wKBwjbg7ebwKBWo5O12wAxu13w8CewSwMxW0SUhw5cx60Vo1upE4W0OE2Wwce0yE1Vrzo5-0me220qu0SU2swdq0Ho2ew2MoG0hi&__hs=18885.PHASED%3Awhatsapp_www_pkg.2.0.0.0.0&__hsi=7008054307624922816-0&__req=1&__rev=1004397290&__s=%3A%3Arhusmo&__user=0&dpr=1&jazoest=21845&lsd=jXfH5Za1fy7ODoYJ-rJtFF
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
multipart/form-data; boundary=----WebKitFormBoundaryLWtGxGyi0iYA48Ad
accept
*/*
cache-control
no-cache
:authority
api.whatsapp.com
referer
https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryLWtGxGyi0iYA48Ad

Response headers

content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
p1j7J1y/Uy8AL0psvlj8XiZ5knxhtEpgNgL+xCYaWWLYpUHqXwErt2/FYjJiPRyMYZD2s1Qf5c1pgNj0c1nnQg==
x-fb-trip-id
1679558926
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 15 Sep 2021 07:10:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://api.whatsapp.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded function| AsyncRequest object| onbeforeunloadhooks object| onafterunloadhooks object| onunloadhooks boolean| domready boolean| loaded

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://api.whatsapp.com/resolve/?deeplink=%2Fbaiuryr%2F%3Fxuvsvrgfnrogzdzqjsuwpckzgafgvzvulzjplhmozhffgckbgthscspovvnoekbucr.aspx
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0