urlscan.io logo urlscan.io
SecurityTrails logo

api.whatsapp.com Open in urlscan Pro
2a03:2880:f22d:c5:face:b00c:0:167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://referral-factory.com/iFZJ8M/socials/whatsapp
Effective URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20...
Submission Tags: falconsandbox
Submission: On January 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a03:2880:f22d:c5:face:b00c:0:167, located in Frankfurt am Main, Germany and belongs to FACEBOOK, US. The main domain is api.whatsapp.com. The Cisco Umbrella rank of the primary domain is 16364.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 24th 2022. Valid for: 3 months.
This is the only time api.whatsapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.9.118.112 24940 (HETZNER-AS)
15 2a03:2880:f22... 32934 (FACEBOOK)
16 2
Apex Domain
Subdomains		 Transfer
13 whatsapp.net
static.whatsapp.net — Cisco Umbrella Rank: 2246
198 KB
2 whatsapp.com
api.whatsapp.com — Cisco Umbrella Rank: 16364
26 KB
1 referral-factory.com
referral-factory.com
1 KB
0 Failed
function sub() { [native code] }. Failed
16 4
Domain Requested by
13 static.whatsapp.net api.whatsapp.com
static.whatsapp.net
2 api.whatsapp.com static.whatsapp.net
1 referral-factory.com 1 redirects
0 send Failed static.whatsapp.net
16 4
Subject Issuer Validity Valid
*.whatsapp.net
DigiCert SHA2 High Assurance Server CA		 2022-10-24 -
2023-01-22		 3 months crt.sh

This page contains 1 frames:

Frame: whatsapp://send/?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable!%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order!%20CHA-CHING!%20https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Frame ID: 1E1C035E03159C5D3764FAD7830314BE
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

In WhatsApp teilen

Page URL History Show full URLs

  1. https://referral-factory.com/iFZJ8M/socials/whatsapp HTTP 302
    https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20an... Page URL

Page Statistics

16
Requests

94 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

223 kB
Transfer

788 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://referral-factory.com/iFZJ8M/socials/whatsapp HTTP 302
    https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request send
api.whatsapp.com/
Redirect Chain
  • https://referral-factory.com/iFZJ8M/socials/whatsapp
  • https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20...
107 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
effd2ae5949e4da74ba9bc3dc2d858fd503df0f58167b7edf48246057fb73268
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Sat, 14 Jan 2023 21:25:56 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
pRD5rpN7bQkD3I5JB+BZUkUz3lOROO9B38pTnvxfw6qbmucFd2w0/sxuHy1TM/fpoj/PffhXnm+eFTOyZYD3Sw==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 14 Jan 2023 21:25:56 GMT
location
https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
server
nginx
C2fHuK6eV5E.css
static.whatsapp.net/rsrc.php/v3/yI/l/0,cross/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yI/l/0,cross/C2fHuK6eV5E.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1aa6c4ab2daba84e9082980e75f0bab05b5c126fe50ec98844a579585c5ba0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k8V3InxfvjCMTYkVYlCuYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1765
x-fb-rlafr
0
x-fb-debug
9wZZ5MyFXw2OYwxW9PD3M0267t0i5TRQB7WMHAd/wquy/JQxlgQXTvXOmZUzJUjdqn87wnWoEHEf7J4VIPBtXw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 02:11:05 GMT
OYQQrOC3rPv.css
static.whatsapp.net/rsrc.php/v3/yt/l/0,cross/ 		127 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yt/l/0,cross/OYQQrOC3rPv.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3541d6cdc9c6e6946d032bb51cad60a8df6954ec8362db5e2aa3875cc80e975a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ShfZpds+azWo9JAA0mAfXg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24925
x-fb-rlafr
0
x-fb-debug
UwrySBpZGw0Y4Pf3Hsg7fwGgFrY/NIusXZLxcz8eovr0B28UbvdAz7rHGmDmLGiDzGEjkHUlGvMsx8FZG5xCpA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 18:16:18 GMT
SYloal_M6em.css
static.whatsapp.net/rsrc.php/v3/yj/l/0,cross/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yj/l/0,cross/SYloal_M6em.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f3b977a6b2d9c78a584336dfd696427482f0056eec2030285dd27ac08eb44da8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5vMbXs3L463ToDDc6vWHCA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3474
x-fb-rlafr
0
x-fb-debug
dwZD9SlbiyJLPxpvnkWAupNi0MZ9Jmeh66gSIP4UvcKlD3MWkOC0u08XMXhHyq9GiiBq68L5WRQE9M/HvRn8LA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 19:13:59 GMT
28bZN702Ikw.css
static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/ 		761 B
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/28bZN702Ikw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VLzN3cDGGSC5C5stMHnv7A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
330
x-fb-rlafr
0
x-fb-debug
opBdm8o51OfWX/j+zSEoLiFRlptpia8aElHkK5rvL+/3xvkyiNGFr9YjYZJftZ1zTRo2+U0zMbag3i6JjsqMQA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 20:28:21 GMT
wCGjnTvW8il.js
static.whatsapp.net/rsrc.php/v3/yV/r/ 		305 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2912bee3d19f45b93295a93939a1bc266c0569fa8aab823378b2770571cbc5dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AR0s7AzYhcP/xzg6iMYrhQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95065
x-fb-rlafr
0
x-fb-debug
Dq6q1iKjRWxKq5jJadvA+8kJb226GXtS08quy/E396yk91IE+AjtPW/pG3iKBZIVW9D1QKBb4bglVjmkFziTVw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:54:50 GMT
36B424nhiL4.svg
static.whatsapp.net/rsrc.php/ym/r/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whatsapp.net/rsrc.php/ym/r/36B424nhiL4.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1PahtogH2TdrYgTecqnYJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3483
x-fb-rlafr
0
x-fb-debug
BqiAc07hH/aVvTwK+sT5pRfFXT9F+ki/Fp9/Tmmno6KslwEASMRon61lQuydayo7Cgu0jVB47+iC947pLjR0Ug==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 23:56:51 GMT
lOol7j-zq4u.svg
static.whatsapp.net/rsrc.php/yz/r/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whatsapp.net/rsrc.php/yz/r/lOol7j-zq4u.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fzJfYVRegc0rwTLMap2TrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1223
x-fb-rlafr
0
x-fb-debug
ZA0pC1FuYgfbsezj5cN+/rUqZAB6GaaJ5+RD6N0QeD+YeCgWl0yCRY9aPRi6LJHrsh/LhxZ0ZU8EsyLGQJG2Sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 Jan 2024 23:56:28 GMT
ioxK2Ojkb1E.js
static.whatsapp.net/rsrc.php/v3/ys/r/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/ys/r/ioxK2Ojkb1E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1bf1ac5635a1bea44eaae82f5e19bf981d48ba9a50a9deba0dad51b3a0beb18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fhpa3exUw94+A7nbPjxIXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2205
x-fb-rlafr
0
x-fb-debug
G6uo7cKh82aCFukZS423UQC63nR9FLugjK4bRUPrCWmwilKUYLQUd9uVGap984/bwNLyRwReQPyyiEyTp6Azmw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:13:43 GMT
hVbxhbyi4CJ.js
static.whatsapp.net/rsrc.php/v3/yw/r/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yw/r/hVbxhbyi4CJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047273e235593d7fa33fb2e0cef8dbbbfb73e606d8ba9ba1109b525e6c62cff4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OMLqgYuLyCep5mnmjDF/2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14768
x-fb-rlafr
0
x-fb-debug
5SnEXAguwNaxJ86b0XZe9yQglBl08+b9UZyrYmzWpN0HWw/uZi+XhAi+cp1e78E7yOZk2N9DwqjoTUbFLPhjGA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Mon, 08 Jan 2024 17:16:34 GMT
EBtN3L3bGTb.js
static.whatsapp.net/rsrc.php/v3iN_84/yc/l/de_DE/ 		78 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3iN_84/yc/l/de_DE/EBtN3L3bGTb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bed398e62b35857cf13abfbf4e5c4e13c8c047c3c500e82ae08d27c96de4b6a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bI5KteB9xhy5bbR2t/Udsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22445
x-fb-rlafr
0
x-fb-debug
M889e/gOW+yiD6nUCK6Yf8dVgaFZYEgCJp8tWrFVb3Sy9eqeH+JDFxhIGg9sw1RPx66/rVDY6kS2RqaxFUZieQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Fri, 05 Jan 2024 18:20:52 GMT
ZL1A46FYUm6.js
static.whatsapp.net/rsrc.php/v3/ya/r/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/ya/r/ZL1A46FYUm6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0db0f25e050a0d52bea0d34475a85a10e6b23b1a1a56e21bed8dbe86eb5b3fc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DMIxBmei350Tvh5O8Om20Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1225
x-fb-rlafr
0
x-fb-debug
Dr2FI1m/CLmsCOiQGtVEq59g0OitAODhlOM7/tZ1m9Fjz4uZ3IxC/7dmbyccU/LH6//yGDWEPLcNIwYPO0W0fg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Thu, 11 Jan 2024 00:45:53 GMT
qd3BkPntgTu.js
static.whatsapp.net/rsrc.php/v3i2UN4/yl/l/de_DE/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3i2UN4/yl/l/de_DE/qd3BkPntgTu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c284afbce8e7a14e00e7d582afc7328e3974a185a87677ef5988e8c6fe682a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3Pd3XiEMkZO6slF5lnd7Mg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23022
x-fb-rlafr
0
x-fb-debug
aU8vUpnWoKo4Lj0rR3b8aa0BGWiC4g040xvsOpcbPzguQMlWcEdXdklGsoFDfKDHgGCn3U4AqeF0HiA6g8On1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Sun, 07 Jan 2024 18:00:41 GMT
_xHrWCu7NpZ.js
static.whatsapp.net/rsrc.php/v3/yR/r/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yR/r/_xHrWCu7NpZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f9878e4be3373fa5c87476dac74ff06caa8f3f9912d30376793ccf7baaaf9cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bIIr+c/yL1cZR5pZK3nZQQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6506
x-fb-rlafr
0
x-fb-debug
S0CYU3W9RzGZ3n4xaqvqLRiCC0j+1Ml0tV1hO5GIecl6axgb6ajZPQM2XUX74M36lWttqIEf+keOJB1f9gGoVw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Sat, 13 Jan 2024 21:33:31 GMT
/
send/ 		0
0
bz
api.whatsapp.com/ajax/ 		0
30 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7wKwkHg7ebwKBWo5O12wAxu13w8CewSwMxW0SU1nEhwem0nCq1ewcG0KE33w8G0umUS1vw5zwww6Dw5Uwdq0Ho2ew4Kw6iw4vwbS1Lw4Cw&__hs=19371.BP%3Awhatsapp_www_pkg.2.0.0.0.0&__hsi=7188622295652882428&__req=1&__rev=1006820819&__s=%3A%3Ab7gfhe&__user=0&dpr=1&jazoest=21921&lsd=DSu0gQus2bFTev2g9sMuCR
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3i2UN4/yl/l/de_DE/qd3BkPntgTu.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://api.whatsapp.com/send?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable%21%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order%21%20CHA-CHING%21+https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarydvZvEPrrb74sZjB9

Response headers

content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-type-options
nosniff
date
Sat, 14 Jan 2023 21:25:57 GMT
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
NMVbjdcdceAfqI2qpPn+qQJi7oQVMyBiY0/EzKdu0LzOXpBTW3NjUs4pHqX2yOzG6Rf8FGzNe/Kr6ewGrqP0uA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://api.whatsapp.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
send
URL
whatsapp://send/?text=I%20get%20my%20wine%20at%20Wine%20Butler%20it%27s%20delicious%20and%20affordable!%20Sign%20up%20using%20my%20email%20address%20and%20we%20both%20get%20%24125%20off%20our%20next%20order!%20CHA-CHING!%20https%3A%2F%2Fwine-butler.referral-factory.com%2FiFZJ8M%2Fjoin%3Fref%3Dwhatsapp

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| envFlush object| Env number| __DEV__ undefined| MAX_CALLS_TO_EXEC function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy object| __onBeforeModuleFactory object| __onAfterModuleFactory function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded function| AsyncRequest object| domreadyhooks boolean| domready boolean| loaded object| __FB_STORE object| onafterunloadhooks object| onunloadhooks

2 Cookies

Domain/Path Name / Value
referral-factory.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InVyclBScDdEVWd4SjRWeCthQlF0dWc9PSIsInZhbHVlIjoiVThid1VnVFNiNmprWnhhY0FXNHBiRGFFRVVqaGZoRlhEajRiYUlnMk02Vlk0d2lac3NHaTFwM1JtY1BNNE5IMjRsRTYwSmpnUThsQUNSMGljamM3UEYxcUlHSWx3WjZhT09VWnJqdUpZTC9PbXhFanJkTFNkV1F4VGUrMERRQWwiLCJtYWMiOiJiNGI0MDJlZDgzZGIxMGM1MmViMmE2OTQwODk5NzcxZTc4NjIwMmNiODhjMzc4M2MzNmQ4Y2M2OTkyMTY1NDNlIn0%3D
referral-factory.com/ Name: referral_factory_session
Value: eyJpdiI6IkhIemViYms2dlR2azZLVWloSlBXUWc9PSIsInZhbHVlIjoiK3dXNTJvV1dLZ0JzVVdNN2FWb1dBbmNiMi9TdEFURGlpTmxIbXE2NDRNWFlRWFdreUhpeWhBRVo3dUZSWFhFSXF2LzNneGJ6NzZTT1AzQnB5TEh5aHhzaCtZN1NzMEZZczRFYkhDSWJnOTE5Vk9UTGsxZ0lEVytVeGVJL3V0WUoiLCJtYWMiOiI1ZjI0N2M2M2I5MGFjY2U3MTdkNmJmMDJmN2MzZTZiMjc5MzI1ZDYwNWJlODQxMzkxNjc2ZjI2MDMzYmQwOTMwIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0