www.instagram.com Open in urlscan Pro
2a03:2880:f276:1e9:face:b00c:0:4420  Public Scan

Submitted URL: https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Effective URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Submission: On January 12 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 49 HTTP transactions. The main IP is 2a03:2880:f276:1e9:face:b00c:0:4420, located in Frankfurt am Main, Germany and belongs to FACEBOOK, US. The main domain is www.instagram.com. The Cisco Umbrella rank of the primary domain is 1821.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 22nd 2023. Valid for: 3 months.
This is the only time www.instagram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
22 cdninstagram.com
static.cdninstagram.com — Cisco Umbrella Rank: 3704
1 MB
8 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1821
72 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 6
562 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1202
script.hotjar.com — Cisco Umbrella Rank: 1735
59 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
197 KB
2 estes-express.com
www.estes-express.com — Cisco Umbrella Rank: 167765
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
30 KB
49 11
Domain Requested by
22 static.cdninstagram.com www.instagram.com
static.cdninstagram.com
8 www.instagram.com 1 redirects www.estes-express.com
static.cdninstagram.com
3 region1.google-analytics.com www.googletagmanager.com
2 www.google.de
2 www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.estes-express.com
www.googletagmanager.com
2 www.estes-express.com ajax.googleapis.com
1 www.facebook.com static.cdninstagram.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ajax.googleapis.com www.estes-express.com
49 14
Subject Issuer Validity Valid
*.estes-express.com
GlobalSign RSA OV SSL CA 2018
2023-03-16 -
2024-04-16
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2023-10-22 -
2024-01-20
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.de
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA
2023-10-22 -
2024-01-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-22 -
2024-01-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Frame ID: D0F0B7B5CAD454AE302D6D4A0B5CDCCD
Requests: 57 HTTP requests in this frame

Screenshot

Page Title

Anmeldung • Instagram„Pfeil nach unten“-SymbolSpracheCookieSchildMeta-LogoFilterPfeil-Symbol zum Anzeigen der Cookie-HinweisePfeil-Symbol zum Anzeigen der Cookie-HinweisePfeil-Symbol zum Anzeigen der Cookie-HinweisePfeil-Symbol zum Anzeigen der Cookie-HinweisePfeil-Symbol zum Anzeigen der Cookie-HinweisePfeil-Symbol zum Anzeigen der Cookie-Hinweise

Page URL History Show full URLs

  1. https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=insta... Page URL
  2. https://www.instagram.com/estesexpress/ HTTP 302
    https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

79 %
IPv6

11
Domains

14
Subdomains

15
IPs

3
Countries

1862 kB
Transfer

7958 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram Page URL
  2. https://www.instagram.com/estesexpress/ HTTP 302
    https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
estes-email-signature.html
www.estes-express.com/redirects/
3 KB
2 KB
Document
General
Full URL
https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.75.50.32 , United States, ASN21937 (EEL-LTL, US),
Reverse DNS
www.estes-express.com
Software
/
Resource Hash
e6b0b7306c249ee7cc3aaa7a548457912470cd6c17c7d7e5d0e932ccc4673f6a
Security Headers
Name Value
Strict-Transport-Security max-age=157680000 max-age=10368000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1320
Content-Type
text/html;charset=UTF-8
Cteonnt-Length
2596
Date
Fri, 12 Jan 2024 22:48:24 GMT
Strict-Transport-Security
max-age=157680000 max-age=10368000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.estes-express.com
URL: https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:09:25 GMT
gtm.js
www.googletagmanager.com/
396 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P2R86FD
Requested by
Host: www.estes-express.com
URL: https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104225
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 22:48:24 GMT
redirects.txt
www.estes-express.com/redirects/
8 KB
2 KB
XHR
General
Full URL
https://www.estes-express.com/redirects/redirects.txt
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.75.50.32 , United States, ASN21937 (EEL-LTL, US),
Reverse DNS
www.estes-express.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=157680000, max-age=10368000

Request headers

Accept
*/*
Referer
https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 22:48:24 GMT
Strict-Transport-Security
max-age=157680000, max-age=10368000
Content-Encoding
gzip
Last-Modified
Fri, 10 Dec 2021 20:20:06 +0000
ETag
dot:2ec8e91b-d157-4f4d-abba-5b09304fa8a2:1639167606000:8449
ntCoent-Length
8449
Content-Type
text/plain;charset=UTF-8
Cache-Control
private
Content-Disposition
inline; filename="STANDUP_NOTES.txt"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1253
Expires
Sat, 11 Jan 2025 22:48:24 +0000
js
www.googletagmanager.com/gtag/
299 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ESNJP2KBLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2R86FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 22:48:24 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2R86FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 21:48:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3609
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 12 Jan 2024 23:48:15 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/715544059/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/715544059/?random=1705099704700&cv=11&fst=1705099704700&bg=ffffff&guid=ON&async=1&gtm=45He41a0v811903771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&label=GqneCITu6bYBEPurmdUC&hn=www.googleadservices.com&frm=0&tiba=Estes%20Email%20Signature%20Redirects&auid=506568912.1705099705&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2R86FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1605881.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1605881.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2R86FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-110.ams50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 22:48:24 GMT
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
etag
W/3fe9db835bf9c59b4b6d78345be94936
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DlETXJ5VoOky0inWGeorNM3HyjECPtOkB5F2LJkyOvxqtQVuxOhPzA==
Primary Request /
www.instagram.com/accounts/login/
Redirect Chain
  • https://www.instagram.com/estesexpress/
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
250 KB
68 KB
Document
General
Full URL
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Requested by
Host: www.estes-express.com
URL: https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35a74279c293c97e44c02bb3a815eb94f66391a71ec0cbe18f3bf4b9dee60136
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.estes-express.com/redirects/estes-email-signature.html?campaign=email_signature&path=instagram
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
accept-ch-lifetime
4838400
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 12 Jan 2024 22:48:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
yTUp+GE3bdfvdSjT8OYMopmIoCglSYnmPwm6OKzYDXgG1xqBd732xsYbAWu9GlEraxeCAvMtSQYtlvfr3jTGaQ==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
date
Fri, 12 Jan 2024 22:48:24 GMT
location
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
strict-transport-security
max-age=15552000
x-fb-debug
sfJz1GP6/c3TM4PQPDT6o3XRwaztL5Fy4M52wgiRDnJX4DZC9wWL13/njhIJO32bWQEQBWFBrCbDAjr98t17EA==
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESNJP2KBLW&gtm=45je41a0v883324646z8811903771&_p=1705099704504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1143551530.1705099705&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705099704&sct=1&seg=0&dl=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&dt=Estes%20Email%20Signature%20Redirects&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1044
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESNJP2KBLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estes-express.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESNJP2KBLW&gtm=45je41a0v883324646z8811903771&_p=1705099704504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1143551530.1705099705&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1705099704&sct=1&seg=0&dl=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&dt=Estes%20Email%20Signature%20Redirects&_s=2&tfd=1070
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESNJP2KBLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.estes-express.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estes-express.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESNJP2KBLW&gtm=45je41a0v883324646&_p=1705099704504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1143551530.1705099705&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1705099704&sct=1&seg=0&dl=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&dt=Estes%20Email%20Signature%20Redirects&en=scroll&epn.percent_scrolled=90&_et=1&tfd=1074
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESNJP2KBLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estes-express.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1049329699&t=pageview&_s=1&dl=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&ul=en-us&de=UTF-8&dt=Estes%20Email%20Signature%20Redirects&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=735452955&gjid=186321494&cid=1143551530.1705099705&tid=UA-2307964-1&_gid=1873628121.1705099705&_slc=1&gtm=45He41a0n81P2R86FDv811903771&cd1=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=989195248
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estes-express.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estes-express.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
353 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2307964-1&cid=1143551530.1705099705&jid=735452955&gjid=186321494&_gid=1873628121.1705099705&_u=YCDAgAABAAAAAG~&z=2086052024
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estes-express.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 12 Jan 2024 22:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estes-express.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/715544059/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/715544059/?random=1705099704700&cv=11&fst=1705096800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v811903771&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&label=GqneCITu6bYBEPurmdUC&frm=0&tiba=Estes%20Email%20Signature%20Redirects&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_C85G6lScq3oV-Tjx4zP3sbREA_v12w&random=2455990183&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/715544059/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/715544059/?random=1705099704700&cv=11&fst=1705096800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v811903771&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&label=GqneCITu6bYBEPurmdUC&frm=0&tiba=Estes%20Email%20Signature%20Redirects&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_C85G6lScq3oV-Tjx4zP3sbREA_v12w&random=2455990183&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.01a61edd76e9459a4476.js
script.hotjar.com/
219 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.01a61edd76e9459a4476.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1605881.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-28.ams54.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
51438
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55621
last-modified
Fri, 12 Jan 2024 08:30:49 GMT
etag
"c6b381ec2a77add5ff4703aac0792891"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
KoQTtod0iPgYxf_as-stRYWwPRMSJdh7Gnv61djqHQCgltVfVE1TKw==
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2307964-1&cid=1143551530.1705099705&jid=735452955&_u=YCDAgAABAAAAAG~&z=2116985874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2307964-1&cid=1143551530.1705099705&jid=735452955&_u=YCDAgAABAAAAAG~&z=2116985874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estes-express.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 22:48:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0

truncated
/
422 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79690b8ff5d31df844787e36d4048705a13bfd07f307e42e5087e235e3b16504

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/x-javascript;charset=utf-8
truncated
/
277 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
857a5bcb9e09b1a3ed77b9d3d7a6ded10ab27d1a66ace4c39ffca422cef09da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/x-javascript;charset=utf-8
truncated
/
126 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41bf28018cbba9df7f9cd3c09452d8b3fa2a8690a381f787113e23fe19c83d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/x-javascript;charset=utf-8
truncated
/
961 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
548ba844583be9db2a87dfdfa9a3cc30f52aff0eb6d164c2eb280b5470ed44ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/x-javascript;charset=utf-8
/
www.instagram.com/ajax/qm/
62 B
193 B
Ping
General
Full URL
https://www.instagram.com/ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=2864
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/rMjUV3tlg5-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9fa82b85bb7917bae37d58bbdd9cac3fe6951a58101997a73a14a67b82671f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
dpr
1
accept-language
de-DE,de;q=0.9
sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000
content-encoding
br
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 22:48:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
gM2oRu7/9xXWVW778D6bGq9JAU2/xpDKKHlZxnXFA6/o8CVVqfaKMK0dR5yiQQM/UmRnx8x2QECQ4Rl5JQbHGw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=4,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
1 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a83a319c6e7bf8171265e277fe99f6be0443ce609df2d76316d1f2de1bcdfaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/x-javascript;charset=utf-8
ZIRv-V3IyfH.css
static.cdninstagram.com/rsrc.php/v3/yf/l/0,cross/
651 KB
141 KB
Stylesheet
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yf/l/0,cross/ZIRv-V3IyfH.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33fefe9c6fb9ad6e055cb06ee641cb03371f41e4f078a95b1c27dc977e745724
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9RwtSHfNbu/SFNQcJPD5Ag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143927
reporting-endpoints
x-fb-debug
Jg9s8WIciKVOX+5iBbDYWS31y2zw5LzUAt0vdflLZA8zfd5XIt3Vsf91dFK6DcAtzeb+HbDIteq5R/ujBXuAvg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:11:19 GMT
c7JQTN9K6s_.js
static.cdninstagram.com/rsrc.php/v3/yw/r/
269 KB
68 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2364d078c0e63565e594394d4f3ac8b21cbebfd09f278a240b4fe3454dae78ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
P2XIl14YRaO1aEi03qr6RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
69175
reporting-endpoints
x-fb-debug
2HT3c9+QMzR5hhVSImHwr5lqv0i7C+wLUQjpgGQjU8/qLVLCRfASs3cIqgouMq0DXOvXx3oMYPCva1NUieF6Wg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 00:09:23 GMT
h0zbU35wBWo.js
static.cdninstagram.com/rsrc.php/v3iwqN4/y9/l/de_DE/
1 MB
251 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iwqN4/y9/l/de_DE/h0zbU35wBWo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d2be1a0673981c78f3bbca448fa9ee7da91065ce1e1cae894cecfe7dc4a0291
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
l7MSrfg+h1sOfuumXV6sLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
256297
reporting-endpoints
x-fb-debug
D2VxbgDU3KzX9lhPfwFj4KbjBVHwBhy836IlIQNtfLkGbCGUbL65y6R+WP6+yVmAD9iAoDtEOGF2Hnxu3JI7Uw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 19:19:38 GMT
r8n0J1e6EaBfQsuiAZrFzHVxmFhhn0aNQCNxbC1vE502lgFbOhCqYa0bzJ21H-b7o089Vv__-P5w5lzXAAUKDeI_J4QlnBRPAClv_yEmJ45yewG5k_Qpbr4pOYit5iKqmk1-OCceNhyyDZ-WaVmV2V3Fh5vsWqehdEtWws2sKeIuQHh0DQVEH-g-FDC.js
static.cdninstagram.com/rsrc.php/v3ibsS4/yw/l/de_DE/
2 MB
447 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3ibsS4/yw/l/de_DE/r8n0J1e6EaBfQsuiAZrFzHVxmFhhn0aNQCNxbC1vE502lgFbOhCqYa0bzJ21H-b7o089Vv__-P5w5lzXAAUKDeI_J4QlnBRPAClv_yEmJ45yewG5k_Qpbr4pOYit5iKqmk1-OCceNhyyDZ-WaVmV2V3Fh5vsWqehdEtWws2sKeIuQHh0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46dc81e12c401531228bebbdfdeccae81f1b680d11e82fb069f182a3c2c8f5d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gP6Q88KbXxZRaSlQMGJujQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
457309
reporting-endpoints
x-fb-debug
T+8zZXlQ2eguwlvb0QHY45ONHwC21Yu/nXckd6gNbiDaNDz1dDmOy6fnLnfDqUWlaW8+R4DZBFVYCiJmI66/xQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 19:17:45 GMT
h4Yz_dQ85SY.js
static.cdninstagram.com/rsrc.php/v3i41t4/yP/l/de_DE/
1 MB
207 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3i41t4/yP/l/de_DE/h4Yz_dQ85SY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21f35561df761b925cc90f36dc5547f9f8cbcd8e13b7b35debbd2d5ae3ec1835
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Zr7+P7t1JwXqcRYi1a0GDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
211607
reporting-endpoints
x-fb-debug
KsstE08bFCaDkWZKA8mrJk+hZFfZ0gi/x2x+XNcKhivUGgMs082NUMPCAyP7UgomOAcG7VP7zKonBP1JxLrkig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 02:21:11 GMT
BorpLVK9bra.js
static.cdninstagram.com/rsrc.php/v3iORb4/yc/l/de_DE/
45 KB
11 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iORb4/yc/l/de_DE/BorpLVK9bra.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aae189031ccd0be2ffe23d972d47ba4e72f6024538ccde42497e2ed5665cdb63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KJyu1SiQS74OLYpkno7+dQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10893
reporting-endpoints
x-fb-debug
FbOOCZ4Hapj0HmNfL5L/IAZutGL+kM3OzZTOGvZ1lpIAowFhrPehKTe0hdmkfwLGwFw7E8gnZCyZ0+EFHUf8dA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:16:25 GMT
huOUpqKQ9u9.js
static.cdninstagram.com/rsrc.php/v3ip5U4/y0/l/de_DE/
86 KB
23 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3ip5U4/y0/l/de_DE/huOUpqKQ9u9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4528986b57c080dc7a86191cc773d1b8b2ca3f60b7476b6455c6d00ebc680a13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zJh8xEL02X+CysROwrf7DA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22951
reporting-endpoints
x-fb-debug
fsB1ChOpYFMKuAiX8Usk1VaX8Sert96aL6CR3IDCRc60DZwjwfFimQqK95pgOfo1lVhrzvGW1Cxywx2oiO077g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 09 Jan 2025 20:27:18 GMT
IohmRQ2b689.js
static.cdninstagram.com/rsrc.php/v3/yW/r/
8 KB
2 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yW/r/IohmRQ2b689.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ef97c7aefd93c6b6c3641f45e4abd970bbf6651848671d31571b55c17e4a2ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zJ2WnhkWZlsDTrCpwbpljQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2042
reporting-endpoints
x-fb-debug
uhHDdbsa42lxXISV9NrN2NHn8YPjYjyajFRpKG/JuR6uARrhkJONk9CCGps9lCSpjeGiHO0+BiipYV16OAgF9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 18:28:55 GMT
vUm_Lu7Wdxr.js
static.cdninstagram.com/rsrc.php/v3iIW84/yv/l/de_DE/
187 KB
39 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iIW84/yv/l/de_DE/vUm_Lu7Wdxr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26fc0c83cc9249f04425aaa52da97b02d46ed5f020d82dc75359163025ed53f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jw0m1nEaV8n3kBAG9faGEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
39581
reporting-endpoints
x-fb-debug
HKAYKscaU6BdDxh04FbFSCQLOsSc6vLhXLDRIckYx9sEYvYNCe9uTQxhcD6jO+CZpSjIfSJUKn5w3EsC8gzUNw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 09 Jan 2025 19:55:49 GMT
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c26a441e8f1a26613711a8f79913c377cfc63a23a0a8be2c95404df76dd8a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f55dccd814d12e9d1bbb5c1942f21fa597939fdf2feac788f46320b3184b119c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
552 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79d5e68f02fe570940ec5d2e55e9f74e3f08206929392e4f019d2d94b0e42002

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
N4KpaQ2g0WD.js
static.cdninstagram.com/rsrc.php/v3iTOx4/y2/l/de_DE/
351 KB
77 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iTOx4/y2/l/de_DE/N4KpaQ2g0WD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd4ad767278e2d71d08dfc05d1cd449cd1d3a2ced7fd41705b771ac4487c9867
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aDljAHMaftRr6Zh43xZvUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78418
reporting-endpoints
x-fb-debug
tuztzBvHRQUlL9A85ve4qZAqYVSbL4O7vQMphV673TQZOrIadlAPNMzp/LJfqC965mV4tLt5kdtfklW+VefONQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 06:39:20 GMT
GHKnLL8LCix.js
static.cdninstagram.com/rsrc.php/v3/yj/r/
363 KB
92 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yj/r/GHKnLL8LCix.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e7c79eb385d4b32f6d5cde7fc04877b47ece8615206300ca4dd393a5999c983
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YpoRrIGjNzuYl7GljAADoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94062
reporting-endpoints
x-fb-debug
wWPDm8i9RopG6saS0cwZ1AsZQwBbkR33CYWGHrdHZirG91Q+dyQBl0ZGINZnDsHOZ2/vEa/7xAbjr2YJVWcXjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 07 Jan 2025 21:51:16 GMT
3DGD6JLby5G1NCVQVH57PdS5vdQjn1MlEXcJJcLRMZl8P0wlwceOFjD.js
static.cdninstagram.com/rsrc.php/v3iHGc4/yo/l/de_DE/
40 KB
11 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iHGc4/yo/l/de_DE/3DGD6JLby5G1NCVQVH57PdS5vdQjn1MlEXcJJcLRMZl8P0wlwceOFjD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15287c041268de15cb30e49f8f6610a2f325fb741c30f011b6edbbcb182759db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
VjIZUB8mZAHbFscFmy/6iw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10817
reporting-endpoints
x-fb-debug
F6D7qZAObPzi81PKQokaG9E+3BI1LC7Z3ECpaB+6vO/hh59ug0FL+yyQpLv2RqH8Ozfo8GADjvXz1kSvuP1lZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:17:10 GMT
qGs60wT1cVm.js
static.cdninstagram.com/rsrc.php/v3i4qi4/y7/l/de_DE/
92 KB
22 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3i4qi4/y7/l/de_DE/qGs60wT1cVm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72d39f37e7d92c10af6fee2417af7aa7e970b9c327aad84f3cb93d6622e1c1ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TsehljS27A8sHoJyN08hpg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22333
reporting-endpoints
x-fb-debug
crAuK6hRHScUTxa4zSgA2GaobQtNWrGX3z21iEPcFfaHSev7kO72JyyEaJUzXdMlUsYb0iVpT5ANWqM3+Kob9A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 01 Jan 2025 10:52:48 GMT
nXN5pgPCRk2.js
static.cdninstagram.com/rsrc.php/v3iaha4/yF/l/de_DE/
15 KB
5 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iaha4/yF/l/de_DE/nXN5pgPCRk2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07e25958d3c4d99d5998587d4809978a03267592baadc338da37fcd05c78181f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U3wSmnCO3SdDUnBj+3X2UQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5268
reporting-endpoints
x-fb-debug
X5u2HzeojCP08vlphZRd/MXQTUHzqJJV7RziidGpkH1aoPjI/JvfIUeUQbGy1yWway6RrgrCKseEu7WABOVNeg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 09 Jan 2025 18:54:11 GMT
oZxoFOecy2_.js
static.cdninstagram.com/rsrc.php/v3iN_84/yb/l/de_DE/
43 KB
12 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3iN_84/yb/l/de_DE/oZxoFOecy2_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7267f87f18732be7ac66e850eddc21011c2fd426e9f502dbc69ac88d2ae3ce51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xwAvxjQKq+LQ0ObwqlfQUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12437
reporting-endpoints
x-fb-debug
fWBgBVTSZdp0LOudxxx84BcJxU+LgNEzn4OQq8bDhkUC8h46duLcJayvRoQonGIe1L5kwqbWfuRgwdKXAkIv/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 02:14:58 GMT
XOoaCeZ9Po5.js
static.cdninstagram.com/rsrc.php/v3/yH/r/
27 KB
9 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yH/r/XOoaCeZ9Po5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
417f7832e94b4e409face7725ab42fc617121557f5f8b6abd607595b1f811579
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qGXnigCOzffdv1WR+HWY+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9157
reporting-endpoints
x-fb-debug
qcHhIkMHCNiKSNI257kJNklNn6BOfM6gQkvxrSzUPUrrEluHjcOJmaVCoJ23SZIuJDmWOgFLb1yjdjqUWePjpw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:51:46 GMT
_uI25qIWgdC.js
static.cdninstagram.com/rsrc.php/v3/yh/r/
18 KB
8 KB
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yh/r/_uI25qIWgdC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e63c6091c29d3dca1922361d83122ad342034ab06b6300c95ec509f0e7bdf48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UU5s4o1NlOM8rTaAPr0vjw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7527
reporting-endpoints
x-fb-debug
Ojqifr+85CNLsJmg4I70Zfk9sDlMvHOsSonEAPQO8svfIpVve+R9OYucoJ8jzbK6rAxkeB9n1NJ6KujJ215lHg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 21:57:02 GMT
/
www.instagram.com/api/v1/web/login_page/
55 B
144 B
XHR
General
Full URL
https://www.instagram.com/api/v1/web/login_page/
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ibsS4/yw/l/de_DE/r8n0J1e6EaBfQsuiAZrFzHVxmFhhn0aNQCNxbC1vE502lgFbOhCqYa0bzJ21H-b7o089Vv__-P5w5lzXAAUKDeI_J4QlnBRPAClv_yEmJ45yewG5k_Qpbr4pOYit5iKqmk1-OCceNhyyDZ-WaVmV2V3Fh5vsWqehdEtWws2sKeIuQHh0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3ca96e7697c698ed9b0f8a6bf045036724fbcf04459087b8a34fe3bc1d61935
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.threads.net; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com https://i.threads.net https://*.od.threads.net wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Mid
osjbhi1xsks8yrmwxfk3ra8y1z0xo4a1auwu2k1m9n50e13bnm9f
X-IG-WWW-Claim
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Accept
*/*
Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
X-Requested-With
XMLHttpRequest
X-ASBD-ID
129477
X-Web-Device-Id
469C22DE-0D4C-4DC6-944A-46296ABC13DB
dpr
1
X-CSRFToken
0PaQhhAbPNFjij5c02Ek2N
sec-ch-prefers-color-scheme
light
X-IG-App-ID
936619743392459

Response headers

date
Fri, 12 Jan 2024 22:48:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.threads.net; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com https://i.threads.net https://*.od.threads.net wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
x-ig-set-www-claim
0
x-aed
139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
55
x-xss-protection
0
pragma
no-cache
x-ig-request-elapsed-time-ms
59
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
x-ig-origin-region
rva
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-fb-load
388
x-ig-push-state
c2
vary
Accept-Language, Cookie
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
content-language
de
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-ig-cache-control
cache
cache-control
private, no-cache, no-store, must-revalidate
access-control-expose-headers
X-IG-Set-WWW-Claim
x-ig-peak-time
1
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.instagram.com/ajax/bulk-route-definitions/
4 KB
1 KB
XHR
General
Full URL
https://www.instagram.com/ajax/bulk-route-definitions/
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3iwqN4/y9/l/de_DE/h0zbU35wBWo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
feb3964365e5e1413f72f8ed983a1efeaf6bf6250ee3373d0ebaa51fb44a6343
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

X-IG-D
www
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded
X-FB-LSD
AVr1Jk7OA3w
Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
X-ASBD-ID
129477
dpr
1
sec-ch-prefers-color-scheme
light

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
date
Fri, 12 Jan 2024 22:48:25 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
z77HkPtHNBHsVQ+xBPtAweMAe0FgvI7X0PCBAPvC2qRxLMYkuYOrEqZJSyJyKX0/haK3/jNWUz3RYxvbFmAigQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bz
www.instagram.com/ajax/
0
114 B
XHR
General
Full URL
https://www.instagram.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19734.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7323347470678759399&__req=2&__rev=1010801225&__s=%3A%3Ablp116&__spin_b=trunk&__spin_r=1010801225&__spin_t=1705099705&__user=0&dpr=1&jazoest=2864&lsd=AVr1Jk7OA3w&ph=C3
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ibsS4/yw/l/de_DE/r8n0J1e6EaBfQsuiAZrFzHVxmFhhn0aNQCNxbC1vE502lgFbOhCqYa0bzJ21H-b7o089Vv__-P5w5lzXAAUKDeI_J4QlnBRPAClv_yEmJ45yewG5k_Qpbr4pOYit5iKqmk1-OCceNhyyDZ-WaVmV2V3Fh5vsWqehdEtWws2sKeIuQHh0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
dpr
1
accept-language
de-DE,de;q=0.9
sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarywwA5ugReNL96HBWE

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 22:48:25 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
pbH2c51A/i6Q5unZV1AD00sJXg6QRrt/3V6WVSxbd/bn6KEgZfrNOHjnEmq/756PQZSiEZ8HrH4m14exsjVxtA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary
Origin
content-type
text/html; charset="utf-8"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=124024574287414&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.instagram.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%252F%252Fwww.instagram.com%252Festesexpress%252F&sdk=joey&wants_cookie_data=true
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yj/r/GHKnLL8LCix.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security
max-age=15552000; preload
date
Fri, 12 Jan 2024 22:48:25 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
MSlDqyTObdKfDEys+83VGL9Kl+y/jftbJ15cV4+7oaLjNcIflDYzkmv1DskTsA6l8+MrQHW256mmtDYpnaqCxQ==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
8n91YnfPq0s.png
static.cdninstagram.com/rsrc.php/v3/yM/r/
8 KB
8 KB
Image
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yM/r/8n91YnfPq0s.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c872bf3a6e0470d517b154027b379cd5031f3d00abd3e4f96da8bff77e09ba3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
x-content-type-options
nosniff
content-md5
/xUMiK2Pbd8N4sm8cegl3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7770
reporting-endpoints
x-fb-debug
RloNv/0LLHsKYeb2YQ5GKfxC029LhmwXyW9+G8OGjNg/Y9A7a9Ik6NsqKQMIDZaIesYIaO3XLUzTK0s8CyjFsw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1,i
expires
Fri, 03 Jan 2025 18:17:10 GMT
ZH5y1fnToV-.png
static.cdninstagram.com/rsrc.php/v3/yp/r/
6 KB
6 KB
Image
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yp/r/ZH5y1fnToV-.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9b77551a0666cd49ab7afda97e0261713ae30b7d2ee1601b24d6c904623fdf4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
x-content-type-options
nosniff
content-md5
MhNB6AOzGHGdwpjQbSGk8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5765
reporting-endpoints
x-fb-debug
xcEN62QYxWX+0DBZEJRxXhA9xAJXriskW4eJjd6DWsAgdrTBFRFxf9AdjROE5MOwrphNocpT0k+qjj5NSwPeqg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Jan 2025 05:05:54 GMT
wiAZRw4y7G1.png
static.cdninstagram.com/rsrc.php/v3/y2/r/
7 KB
7 KB
Image
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/y2/r/wiAZRw4y7G1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f7ffa0f42612218b089aa9fb18cf67c6fdaf4e606aaeb3a8d87ca906369f0c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
x-content-type-options
nosniff
content-md5
dhbQa8Fb1Qbrvq6iWESoBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6852
reporting-endpoints
x-fb-debug
npc7dEw78duZTHRBfUpGHPO6Y5yrShE3iHcHtzwwwn8DiFLvWHe8EWhL8iYN0f8p0wLgI1ZU3LhoQxWmn3AT4Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Jan 2025 00:03:26 GMT
TJztmXpWTmS.png
static.cdninstagram.com/rsrc.php/v3/y5/r/
29 KB
29 KB
Image
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/y5/r/TJztmXpWTmS.png
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yf/l/0,cross/ZIRv-V3IyfH.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
228327ead5636b35c3da1bb936bf4d05c18ca1e77d4178e8c54f0af258fae401
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.cdninstagram.com/rsrc.php/v3/yf/l/0,cross/ZIRv-V3IyfH.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
x-content-type-options
nosniff
content-md5
klZctDZBBpD+eVdi4FyhDg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29945
reporting-endpoints
x-fb-debug
39aLZYbr3mGcM88O0UaI/fBORrZIeSmCEWeGw5w6bChnweQZG/COj74mqhLN7NAxXbdFYoamjfxDjdpThiowFg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Jan 2025 05:19:01 GMT
/
www.instagram.com/ajax/bulk-route-definitions/
12 KB
2 KB
XHR
General
Full URL
https://www.instagram.com/ajax/bulk-route-definitions/
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3iwqN4/y9/l/de_DE/h0zbU35wBWo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16a4e84f62c2fbcd63d42faa871eb56e95da1e52f92ed23c2dcd5548581c26e8
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

X-IG-D
www
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded
X-FB-LSD
AVr1Jk7OA3w
Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
X-ASBD-ID
129477
dpr
1
sec-ch-prefers-color-scheme
light

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
date
Fri, 12 Jan 2024 22:48:25 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
CckcFVddW19Ttxmz1UeWE9ZXzawQOnowY9BYp8x2v58OomFKOay7afQGdvqt/Cz5wSueVGQ8EP7nfVcZsoK9kQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
AWpGtftDDPX.js
static.cdninstagram.com/rsrc.php/v3/yJ/r/
672 B
360 B
Script
General
Full URL
https://static.cdninstagram.com/rsrc.php/v3/yJ/r/AWpGtftDDPX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yw/r/c7JQTN9K6s_.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26c7599463a5f902f6e0231e001b2c04ff9730f465055f461ee52fcf7840c955
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.instagram.com/
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 12 Jan 2024 22:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WvsnJx+Lg9e9w6jld5EObA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
218
reporting-endpoints
x-fb-debug
A/j7IHIzF9nBWuIsRNclhmqqtnD3HsK5hML6bsnQIzW5xIugsj1a4DEgqu+kIJGTK/SYCaVRqaTSPSIdpZJ9qA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Mon, 30 Dec 2024 18:33:57 GMT
bz
www.instagram.com/ajax/
0
122 B
XHR
General
Full URL
https://www.instagram.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19734.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7323347470678759399&__req=4&__rev=1010801225&__s=%3A%3Ablp116&__spin_b=trunk&__spin_r=1010801225&__spin_t=1705099705&__user=0&dpr=1&jazoest=2864&lsd=AVr1Jk7OA3w&ph=C3
Requested by
Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ibsS4/yw/l/de_DE/r8n0J1e6EaBfQsuiAZrFzHVxmFhhn0aNQCNxbC1vE502lgFbOhCqYa0bzJ21H-b7o089Vv__-P5w5lzXAAUKDeI_J4QlnBRPAClv_yEmJ45yewG5k_Qpbr4pOYit5iKqmk1-OCceNhyyDZ-WaVmV2V3Fh5vsWqehdEtWws2sKeIuQHh0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Festesexpress%2F
dpr
1
accept-language
de-DE,de;q=0.9
sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
viewport-width
1600
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryuLyJqE4Is64biA60

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 22:48:26 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
g3zNu0pneFPhSRKnF/mARwhQ2XhhUr+F7yJEwL9tqJBVztKTDxziWAIiUdoOKw9JppbXfoJU92h0OTqI0yHeVQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.instagram.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary
Origin
content-type
text/html; charset="utf-8"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESNJP2KBLW&gtm=45je41a0v883324646z8811903771&_p=1705099704504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1143551530.1705099705&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1705099704&sct=1&seg=0&dl=https%3A%2F%2Fwww.estes-express.com%2Fredirects%2Festes-email-signature.html%3Fcampaign%3Demail_signature%26amp%3Bpath%3Dinstagram&dt=Estes%20Email%20Signature%20Redirects&en=scroll&epn.scroll_depth=100&_et=2&tfd=1356

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataElement function| copyVariables object| variables object| Env function| __annotator function| __d function| requireLazy object| _btldr object| params string| uri string| event_id string| script_path number| weight object| fb_dtsg string| lsd function| mark number| start object| p function| parentIsNotHeadNorBody function| isTagSupported function| getNodeDataSet function| addLoadEventListeners undefined| MAX_CALLS_TO_EXEC function| __bodyWrapper function| __t function| __w number| __DEV__ function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireInterop function| importDefault function| importNamespace function| requireDynamic object| __onBeforeModuleFactory object| __onAfterModuleFactory function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| __onSSRPayload function| __onSSRViewportGuessValidation boolean| __isReactFizzContext function| __invalidateSSR function| __logSSRQPL function| ScheduleJSWork object| TimeSlice function| $RC object| $RM object| _sharedData function| applyFocusVisiblePolyfill object| storageCache object| __igExposedQEs function| fbAsyncInit object| FB function| AsyncRequest object| __buffer

17 Cookies

Domain/Path Name / Value
www.estes-express.com/ Name: JSESSIONID
Value: 59FEA444B82D40B3D532CBF4F9F831B5
www.estes-express.com/ Name: opvc
Value: 163f209f-9821-4feb-a083-b2e126297d63
www.estes-express.com/ Name: sitevisitscookie
Value: 1
www.estes-express.com/ Name: dmid
Value: 4d268c9d-0537-4f73-9d2c-1a455dcf8486
.estes-express.com/ Name: _gcl_au
Value: 1.1.506568912.1705099705
www.estes-express.com/ Name: AWSALB
Value: LsiDXZ/2cljfbqXpj2VqOXeFQFwbQTmn8c2D5UGGi2Ih50GFiK0KffmmGw1XbUuQNzMTAwhgnLIdIZTkRjBjL9ajI0Nxl1Fr0+8fCIrcN9qxrrocHULTLuhgVM1i
www.estes-express.com/ Name: AWSALBCORS
Value: LsiDXZ/2cljfbqXpj2VqOXeFQFwbQTmn8c2D5UGGi2Ih50GFiK0KffmmGw1XbUuQNzMTAwhgnLIdIZTkRjBjL9ajI0Nxl1Fr0+8fCIrcN9qxrrocHULTLuhgVM1i
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.estes-express.com/ Name: _ga_ESNJP2KBLW
Value: GS1.1.1705099704.1.0.1705099704.0.0.0
.estes-express.com/ Name: _ga
Value: GA1.2.1143551530.1705099705
.estes-express.com/ Name: _gid
Value: GA1.2.1873628121.1705099705
.estes-express.com/ Name: _dc_gtm_UA-2307964-1
Value: 1
.estes-express.com/ Name: _hjSessionUser_1605881
Value: eyJpZCI6IjIzNTIzMzMyLTMzOTAtNWNjZi05YWNiLWFlMjFmNDcyZjAxYiIsImNyZWF0ZWQiOjE3MDUwOTk3MDQ5ODUsImV4aXN0aW5nIjpmYWxzZX0=
.estes-express.com/ Name: _hjFirstSeen
Value: 1
.estes-express.com/ Name: _hjIncludedInSessionSample_1605881
Value: 0
.estes-express.com/ Name: _hjSession_1605881
Value: eyJpZCI6IjFlYzkyMDIwLTU5MmUtNDEzYy1iMzY3LTBkNDQ3YWU2NDM3YiIsImMiOjE3MDUwOTk3MDQ5ODUsInMiOjAsInIiOjAsInNiIjoxfQ==
.estes-express.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000 max-age=10368000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
googleads.g.doubleclick.net
region1.google-analytics.com
script.hotjar.com
static.cdninstagram.com
static.hotjar.com
stats.g.doubleclick.net
www.estes-express.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.instagram.com
region1.google-analytics.com
13.227.219.28
2001:4860:4802:34::36
208.75.50.32
2a00:1450:4001:803::200a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9b
2a03:2880:f176:181:face:b00c:0:25de
2a03:2880:f276:1c3:face:b00c:0:43fe
2a03:2880:f276:1e9:face:b00c:0:4420
52.222.139.110
07e25958d3c4d99d5998587d4809978a03267592baadc338da37fcd05c78181f
0e63c6091c29d3dca1922361d83122ad342034ab06b6300c95ec509f0e7bdf48
15287c041268de15cb30e49f8f6610a2f325fb741c30f011b6edbbcb182759db
16a4e84f62c2fbcd63d42faa871eb56e95da1e52f92ed23c2dcd5548581c26e8
1f7ffa0f42612218b089aa9fb18cf67c6fdaf4e606aaeb3a8d87ca906369f0c1
21f35561df761b925cc90f36dc5547f9f8cbcd8e13b7b35debbd2d5ae3ec1835
228327ead5636b35c3da1bb936bf4d05c18ca1e77d4178e8c54f0af258fae401
2364d078c0e63565e594394d4f3ac8b21cbebfd09f278a240b4fe3454dae78ca
26c7599463a5f902f6e0231e001b2c04ff9730f465055f461ee52fcf7840c955
26fc0c83cc9249f04425aaa52da97b02d46ed5f020d82dc75359163025ed53f7
2ef97c7aefd93c6b6c3641f45e4abd970bbf6651848671d31571b55c17e4a2ac
33fefe9c6fb9ad6e055cb06ee641cb03371f41e4f078a95b1c27dc977e745724
35a74279c293c97e44c02bb3a815eb94f66391a71ec0cbe18f3bf4b9dee60136
3c872bf3a6e0470d517b154027b379cd5031f3d00abd3e4f96da8bff77e09ba3
417f7832e94b4e409face7725ab42fc617121557f5f8b6abd607595b1f811579
41bf28018cbba9df7f9cd3c09452d8b3fa2a8690a381f787113e23fe19c83d2e
4528986b57c080dc7a86191cc773d1b8b2ca3f60b7476b6455c6d00ebc680a13
46dc81e12c401531228bebbdfdeccae81f1b680d11e82fb069f182a3c2c8f5d2
4d2be1a0673981c78f3bbca448fa9ee7da91065ce1e1cae894cecfe7dc4a0291
4e7c79eb385d4b32f6d5cde7fc04877b47ece8615206300ca4dd393a5999c983
548ba844583be9db2a87dfdfa9a3cc30f52aff0eb6d164c2eb280b5470ed44ad
7267f87f18732be7ac66e850eddc21011c2fd426e9f502dbc69ac88d2ae3ce51
72d39f37e7d92c10af6fee2417af7aa7e970b9c327aad84f3cb93d6622e1c1ef
79690b8ff5d31df844787e36d4048705a13bfd07f307e42e5087e235e3b16504
79d5e68f02fe570940ec5d2e55e9f74e3f08206929392e4f019d2d94b0e42002
7c26a441e8f1a26613711a8f79913c377cfc63a23a0a8be2c95404df76dd8a06
857a5bcb9e09b1a3ed77b9d3d7a6ded10ab27d1a66ace4c39ffca422cef09da7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a83a319c6e7bf8171265e277fe99f6be0443ce609df2d76316d1f2de1bcdfaa2
aae189031ccd0be2ffe23d972d47ba4e72f6024538ccde42497e2ed5665cdb63
c3ca96e7697c698ed9b0f8a6bf045036724fbcf04459087b8a34fe3bc1d61935
dd4ad767278e2d71d08dfc05d1cd449cd1d3a2ced7fd41705b771ac4487c9867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b0b7306c249ee7cc3aaa7a548457912470cd6c17c7d7e5d0e932ccc4673f6a
f55dccd814d12e9d1bbb5c1942f21fa597939fdf2feac788f46320b3184b119c
f9b77551a0666cd49ab7afda97e0261713ae30b7d2ee1601b24d6c904623fdf4
f9fa82b85bb7917bae37d58bbdd9cac3fe6951a58101997a73a14a67b82671f8
feb3964365e5e1413f72f8ed983a1efeaf6bf6250ee3373d0ebaa51fb44a6343