urlscan.io logo urlscan.io
SecurityTrails logo

api.whatsapp.com Open in urlscan Pro
2a03:2880:f207:c5:face:b00c:0:167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.contato.luizgomesproducoes.com/
Effective URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Submission: On August 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2a03:2880:f207:c5:face:b00c:0:167, located in Vienna, Austria and belongs to FACEBOOK, US. The main domain is api.whatsapp.com. The Cisco Umbrella rank of the primary domain is 15352.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 7th 2022. Valid for: 3 months.
This is the only time api.whatsapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.49.241.74 46606 (UNIFIEDLA...)
1 14 2a03:2880:f20... 32934 (FACEBOOK)
6 2a03:2880:f11... 32934 (FACEBOOK)
26 3
Apex Domain
Subdomains		 Transfer
11 whatsapp.net
static.whatsapp.net — Cisco Umbrella Rank: 1564
pps.whatsapp.net — Cisco Umbrella Rank: 2315
272 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
2 whatsapp.com
api.whatsapp.com — Cisco Umbrella Rank: 15352
29 KB
1 wa.me
wa.me — Cisco Umbrella Rank: 24326
890 B
1 luizgomesproducoes.com
www.contato.luizgomesproducoes.com
106 B
0 Failed
function sub() { [native code] }. Failed
26 6
Domain Requested by
10 static.whatsapp.net api.whatsapp.com
static.whatsapp.net
6 www.facebook.com api.whatsapp.com
2 api.whatsapp.com static.whatsapp.net
1 pps.whatsapp.net api.whatsapp.com
1 wa.me 1 redirects
1 www.contato.luizgomesproducoes.com 1 redirects
0 send Failed static.whatsapp.net
26 7
Subject Issuer Validity Valid
*.whatsapp.net
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-09-05		 3 months crt.sh

This page contains 1 frames:

Frame: whatsapp://send/?autoload=1&app_absent=0&phone=553492063019&text
Frame ID: 2F19FF6BE609B24A867331E9FCB86FE3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

In WhatsApp teilen

Page URL History Show full URLs

  1. https://www.contato.luizgomesproducoes.com/ HTTP 301
    https://wa.me/message/JJJ336J5CDUYO1 HTTP 302
    https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0 Page URL

Page Statistics

26
Requests

73 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

3
IPs

3
Countries

301 kB
Transfer

882 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.contato.luizgomesproducoes.com/ HTTP 301
    https://wa.me/message/JJJ336J5CDUYO1 HTTP 302
    https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request JJJ336J5CDUYO1
api.whatsapp.com/message/
Redirect Chain
  • https://www.contato.luizgomesproducoes.com/
  • https://wa.me/message/JJJ336J5CDUYO1
  • https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
128 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4fcd82faa600841280e34360e7d4b5e457b7f0e5e80aab6cadf5fdb596585f3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 29 Aug 2022 14:28:40 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
m36eV4kdA8GGN1NT+Tdmp7yeHsQwbd+BDdxmPDZkC5hVuddb4TVrHWSRvNgXVqpqwRly9ehgCHxgqkll359Tfg==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net;script-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval';style-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net 'unsafe-inline';frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
rollout
date
Mon, 29 Aug 2022 14:28:39 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-type-options
nosniff
x-fb-debug
zZOVqCuGHaUF1bS6vlo1WBroxIT0JmrknQ5aayJqFvdWUb4gsFTRC/epG2OUhSko5jNn6wtZ1wNMvPw6ODmd/A==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0
92yU3_1E6qP.css
static.whatsapp.net/rsrc.php/v3/y-/l/0,cross/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/y-/l/0,cross/92yU3_1E6qP.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7970a2380500bed432febc202c0a7f477b94e325bc17487da0930e6ed59632ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OXD4rIZ3Ikt8HBTPS4V0tg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
1765
x-fb-rlafr
0
x-fb-debug
ObFIpEPl7xihxYkFzapN58VMd408Q8f2nZl1zjvKk9D4RD+CudU4xx1S3mCHTfJHabV4Xf7FlHQ+0nUjPxn2cA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 12 Aug 2023 18:49:56 GMT
fdGyMJRiAzJ.css
static.whatsapp.net/rsrc.php/v3/yP/l/0,cross/ 		122 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yP/l/0,cross/fdGyMJRiAzJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29e4df3d91e37536cb71513008491c02a1fe79215e396b46a8aa449af2c64819
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
G/oA2cOQqs2NAGx3gVB7vw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
23966
x-fb-rlafr
0
x-fb-debug
w3E9WNarBg1YhaEFVTOmaUAyqKIp6RuxtfxsyetkigCp8DkZ9If/rwj01X4qLu1lDCvR1Z4qaL0aFz96qz4Elg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661702121334
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 28 Aug 2023 15:55:21 GMT
eU6MQ_0d-Bb.css
static.whatsapp.net/rsrc.php/v3/yJ/l/0,cross/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yJ/l/0,cross/eU6MQ_0d-Bb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a10e7f11dc013af36c9b784c419df1ff13888d21fb5861b7c63c9ca3bb7cee1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 15:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TIO8UY0sATlpfnE5rg91yQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
2000
x-fb-rlafr
0
x-fb-debug
MD1QELmtG84ZuZJGkCEHOlSLp1zWGNunPQW52wX2xTZ4WzeObMCI0m0Uh/NwC0wl+HFAJYWyJ+hdk9MGnBLQmw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661094729490
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 21 Aug 2023 15:12:09 GMT
28bZN702Ikw.css
static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/ 		761 B
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/28bZN702Ikw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 03:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VLzN3cDGGSC5C5stMHnv7A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
330
x-fb-rlafr
0
x-fb-debug
lHvdMk58rKiHkj1eEj5ymxA0eMrZ5Xe0mBi36/NlaseuNy3uqi46NbK8WEaN/8h6JDwbfY7XJICTP86eF/yd2Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 11 Aug 2023 18:29:21 GMT
cR2vth5Ltnv.js
static.whatsapp.net/rsrc.php/v3/yV/r/ 		321 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a05bd5b7e6899c60dc8439d383c40d3676cee3182a64719396fddafb5a22cb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 00:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8fWPsmVD7c/dXZtSbQYiKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
101640
x-fb-rlafr
0
x-fb-debug
ibErJQOk5ZNzq/u1i9zluPAlI4m+BeupOP71DEzGEDpUt7+a9FvUyJUuzZ7sjvD5qi2HPB7YiU15FJKC7WrxUA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661560938929
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:42:18 GMT
36B424nhiL4.svg
static.whatsapp.net/rsrc.php/ym/r/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whatsapp.net/rsrc.php/ym/r/36B424nhiL4.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1PahtogH2TdrYgTecqnYJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
3483
x-fb-rlafr
0
x-fb-debug
ERZngb2TEX1TAQPnbY5xp/oIUwfCaSdYh4F61E7vE0N7RG4yZMTelmoB6rftJaHnVlTeysHN4iO0EocDW4FMAg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 14 Aug 2023 14:15:09 GMT
lOol7j-zq4u.svg
static.whatsapp.net/rsrc.php/yz/r/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whatsapp.net/rsrc.php/yz/r/lOol7j-zq4u.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 04:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fzJfYVRegc0rwTLMap2TrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
1223
x-fb-rlafr
0
x-fb-debug
TGBteDn1+TBetdO8O7L4IGDIYvVGFSjGR/09fK2WwUczIwD6eOhXUeEP94q4cOH8Tzxv21oY3ln3Q68dYFn/IQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 15 Aug 2023 09:11:02 GMT
187686325_1121835418552407_532318812587722710_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pps.whatsapp.net/v/t61.24694-24/187686325_1121835418552407_532318812587722710_n.jpg?ccb=11-4&oh=01_AVw4TJCKqOIldGJVf6z1jceBgib-J4onv6V6Joo3zHsmoA&oe=6311E92B
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c051d485e2bce70465495958b171000f1344b8703082690b507da54ceb0030f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
4140009969
date
Mon, 29 Aug 2022 14:28:41 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-content-cdn-origin-ts
1661783321122
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3735460608
cache-control
public; max-age=460800
last-modified
Sun, 06 Mar 2022 14:20:14 GMT
x-needle-checksum
3735460608
x-fb-edge-debug
aH27wLz9EYbY3djf0aMEi72XTWECzhE6vUxqJzYG3LRGvELUdtRjmEcEUJdy2-ajmrf2xFr3kztlDLXgclFP4w
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
73623
access-control-expose-headers
x-wa-metadata
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
c_1vdG88uNh.woff2
static.whatsapp.net/rsrc.php/yH/r/ 		0
0
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
KKlOyJQcRfr.woff
static.whatsapp.net/rsrc.php/yN/r/ 		0
0
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
RuiWHQ9HuZ-.woff2
static.whatsapp.net/rsrc.php/yR/r/ 		0
0
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
5vZjyJccuEw.woff
static.whatsapp.net/rsrc.php/ya/r/ 		0
0
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
zSaFQ46AO2w.woff2
static.whatsapp.net/rsrc.php/yU/r/ 		0
0
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://api.whatsapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers
_gCoI-iROin.woff
static.whatsapp.net/rsrc.php/yR/r/ 		0
0
poTA0dSUuWs.js
static.whatsapp.net/rsrc.php/v3/y0/r/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/y0/r/poTA0dSUuWs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3db727b80556d451be5a9944a0d596479825513b5af46910433e4b7c17a7d76c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gJKUPvzc7idPBzMDdzCa7A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
2488
x-fb-rlafr
0
x-fb-debug
v80oX1Iyk5dCirRMTaU7h70m9zDWN9R6HjBPLCvWcMt5PAaEkyc2d9KroB0BlH2TUuXXMWIxeB9NPOZOGI1Cdg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661011901256
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 20 Aug 2023 16:11:41 GMT
j6YZ-ObsJpP.js
static.whatsapp.net/rsrc.php/v3ibND4/y2/l/de_DE/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3ibND4/y2/l/de_DE/j6YZ-ObsJpP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ba586c600467bb90c81b0c759a4baa7e2ac8b7e78d0d05408176da6a7069fd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 06:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
I/+ZEkyQ3yj4fmUtP0/GIQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
56269
x-fb-rlafr
0
x-fb-debug
m4k2WOioHhyOHrwFptIbJMuB0xzOaZb8Z/BAukNVfkCTqARTq/N5c8aRFo1yNGpQCO0+uXX6g6ASqL9tBTodRQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 15 Aug 2023 09:15:22 GMT
-QTqHfHd7GF.js
static.whatsapp.net/rsrc.php/v3/yr/r/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whatsapp.net/rsrc.php/v3/yr/r/-QTqHfHd7GF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0fd36bdbee29eac6a065faa4a689cfa37a278e869e2b248add7fa3e33b59bc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 21:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CuS5PD4ply71R79KvU+mHA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
content-length
8731
x-fb-rlafr
0
x-fb-debug
D1olKf1ABZmBgw0/AtxMTLWtTUKaLD7H2ZNLq/OZxb9mY0nKlSIos3Rfc9RbHdIju3LLzAosDB2HLbJ+D8aEmw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661549552031
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 26 Aug 2023 21:32:32 GMT
/
send/ 		0
0
bz
api.whatsapp.com/ajax/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whatsapp.com/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7wKwkHg7ebwKBWo5O12wAxu13w8CewSwMxW0SU1nEhwem0nCq1ewcG0KE33w8G0umUS1vw5zwww6DwdK0D83mwaS0zE1bE1AE17U2ZwrU&__hs=19233.BP%3Awhatsapp_www_pkg.2.0.0.0.0&__hsi=7137305012532380538&__req=1&__rev=1006108230&__s=%3A%3Axxc9i3&__user=0&dpr=1&jazoest=21759&lsd=PziLYPln5pCP0EGZF1R1KJ
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3ibND4/y2/l/de_DE/j6YZ-ObsJpP.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f207:c5:face:b00c:0:167 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRcpNAqA4VGjPpXVx

Response headers

content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
Xfo5tc2zpUrDDGS7HOnfALDchJeNej2kN70nr8zGjQ1GASQdKcNUWBn6i/2czJM5v/+x5Z3is5kD7ZMSc/92mg==
x-fb-trip-id
1679558926
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 14:28:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://api.whatsapp.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
access-control-expose-headers
X-FB-Debug, X-Loader-Length

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/yH/r/c_1vdG88uNh.woff2
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/yN/r/KKlOyJQcRfr.woff
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/yR/r/RuiWHQ9HuZ-.woff2
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/ya/r/5vZjyJccuEw.woff
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/yU/r/zSaFQ46AO2w.woff2
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/yR/r/_gCoI-iROin.woff
Domain
send
URL
whatsapp://send/?autoload=1&app_absent=0&phone=553492063019&text

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| envFlush object| Env number| __DEV__ boolean| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| domreadyhooks function| AsyncRequest object| onbeforeunloadhooks object| __FB_STORE object| onafterunloadhooks object| onunloadhooks boolean| domready boolean| loaded

0 Cookies

6 Console Messages

Source Level URL
Text
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/yH/r/c_1vdG88uNh.woff2' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/yN/r/KKlOyJQcRfr.woff' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/yR/r/RuiWHQ9HuZ-.woff2' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/ya/r/5vZjyJccuEw.woff' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/yU/r/zSaFQ46AO2w.woff2' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".
security error URL: https://api.whatsapp.com/message/JJJ336J5CDUYO1?autoload=1&app_absent=0(Line 28)
Message:
Refused to load the font 'https://static.whatsapp.net/rsrc.php/yR/r/_gCoI-iROin.woff' because it violates the following Content Security Policy directive: "font-src data: https://*.fbcdn.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0