instgram.azurewebsites.net Open in urlscan Pro
65.52.168.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://instgram.azurewebsites.net/
Effective URL:
https://instgram.azurewebsites.net/
Submission: On March 26 via api (March 26th 2024, 6:55:40 pm UTC) from LU — Scanned from DE

Summary HTTP 42 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 42 HTTP transactions. The main IP is 65.52.168.70, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is instgram.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on March 13th 2024. Valid for: a year.

This is the only time instgram.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
9	65.52.168.70 65.52.168.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
15	157.240.252.63 157.240.252.63	32934 (FACEBOOK) (FACEBOOK)
42	4

9 65.52.168.70 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

instgram.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 157.240.252.63 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-01-fra3.fbcdn.net

static.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	cdninstagram.com static.cdninstagram.com — Cisco Umbrella Rank: 3675	2 MB
9	azurewebsites.net instgram.azurewebsites.net	125 KB
1	instagram.com graph.instagram.com — Cisco Umbrella Rank: 234
0	facebook.com Failed www.facebook.com Failed
42	4

	Domain	Requested by
23	static.cdninstagram.com	instgram.azurewebsites.net static.cdninstagram.com
9	instgram.azurewebsites.net	static.cdninstagram.com
1	graph.instagram.com	static.cdninstagram.com
0	www.facebook.com Failed
42	4

This site contains links to these domains. Also see Links.

Domain
l.instagram.com
about.meta.com
about.instagram.com
help.instagram.com
developers.facebook.com
www.threads.net

Subject Issuer	Validity	Valid
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 07	`2024-03-13` - `2025-03-08`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-01-04` - `2024-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://instgram.azurewebsites.net/
Frame ID: 8E4000A8D7EA84987C0C3940F03675DC
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instagram

Page URL History Show full URLs

http://instgram.azurewebsites.net/ HTTP 307
https://instgram.azurewebsites.net/ Page URL

Page Statistics

42
Requests

79 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2026 kB
Transfer

8486 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://l.instagram.com/?u=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.instagram.android%26referrer%3Dig_mid%253D25D2F6D8-AD21-45BA-AEE0-B77F46E84A53%2526utm_campaign%253DloginPage%2526utm_content%253Dlo%2526utm_source%253Dinstagramweb%2526utm_medium%253Dbadge&e=AT2BKmnemZrAsH54yJ4KZbjMwLEF6CQpsmyqkJqYfcvhhfXdeqpUKDJdJ72Eh9SlXGPfGlKkxzUchf9u2ZR1pSG-JPohD_lljxbpGHoX-1rEZSnW5phvowPo-MHvXvKN9N0opQgs5Ao7zIhUEWmvuw

Search URL Search Domain Scan URL

URL: https://about.meta.com/
Title: Meta

Search URL Search Domain Scan URL

URL: https://about.instagram.com/
Title: About

Search URL Search Domain Scan URL

URL: https://about.instagram.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://help.instagram.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/docs/instagram
Title: API

Search URL Search Domain Scan URL

URL: https://www.threads.net/
Title: Threads

Search URL Search Domain Scan URL

URL: https://l.instagram.com/?u=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Finstagram%2F261704639352628&e=AT2BKmnemZrAsH54yJ4KZbjMwLEF6CQpsmyqkJqYfcvhhfXdeqpUKDJdJ72Eh9SlXGPfGlKkxzUchf9u2ZR1pSG-JPohD_lljxbpGHoX-1rEZSnW5phvowPo-MHvXvKN9N0opQgs5Ao7zIhUEWmvuw
Title: Contact Uploading & Non-Users

Search URL Search Domain Scan URL

URL: https://about.meta.com/technologies/meta-verified/
Title: Meta Verified

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://instgram.azurewebsites.net/ HTTP 307
https://instgram.azurewebsites.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
instgram.azurewebsites.net/
Redirect Chain

http://instgram.azurewebsites.net/
https://instgram.azurewebsites.net/

260 KB
75 KB

1637ms
919ms

Document
text/html

65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0 ASP.NET

Resource Hash

74d8dd0913f5700fe5e0fbe6af587d8b5856e29ff8e609b1156b4724ce23c793

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net https://meta.privacy-gateway.cloudflare.com/relay;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate
Content-Encoding: zstd
Content-Length: 70767
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net https://meta.privacy-gateway.cloudflare.com/relay;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net https://meta.privacy-gateway.cloudflare.com/relay;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Content-Type: text/html; charset="utf-8"
Date: Tue, 26 Mar 2024 18:55:33 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-FB-Debug: +c0/ku7BjSPlhNkuHpk6HlyI/9pZcBJeAfp0JQWYEEeREwdiZlY8KoM4dX1RAKj3WXPrDnpE8l0b6UyFd7bssQ==
X-Frame-Options: DENY
X-Powered-By: ARR/3.0 ASP.NET
X-XSS-Protection: 0
accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
accept-ch-lifetime: 4838400
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
document-policy: force-load-at-top
origin-agent-cluster: ?0
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-stack: www

Redirect headers

Location: https://instgram.azurewebsites.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 VRfZTeX3evH.css
static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/ 684 KB
153 KB 147ms
41ms Stylesheet
text/css 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/VRfZTeX3evH.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

166f5464a7c7c2ad5af48fc84e091a239cf2efc303896019239486715f4d7348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: XaRsrjqIEX1X83LmCuoBMA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 155597
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2865, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: ii+0gDEBYQcf8DGx/CBouVXFdyBUq1/entAdXfTCHK/S4MbK1vC4jxHgFB1bwafB6EZT38LCCe6iZG3liJtnug==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Wed, 26 Mar 2025 06:42:52 GMT

GET
H2 200 noD1oQJiCYY.js Show response
static.cdninstagram.com/rsrc.php/v3/yo/r/ 272 KB
70 KB 282ms
176ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9c9993b92744bf5ec761f893831d0fc522faca1516a2d3b88fd6dd1e36abc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: ER36qadU2cF543GXco9law==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71141
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: dXVTfvX2FBCdXz518CB3qlu5GRpbaKqbL7QbUPIcO5ztdvPmAoGyswwLjwlrs6Rwkko+fim3nWbvU/zOmzyjjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 22 Mar 2025 19:09:47 GMT

GET
H2 200 OUNN9Kp7NQt.js Show response
static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/ 656 KB
151 KB 283ms
177ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/OUNN9Kp7NQt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9278162c85b462792d6146bd54fd5cd58839c24816457164e5c049551cc4ab41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: bXQ9BZb6F0t89sFrQwibgQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 154826
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: mh40JtMZoS21NtzoENlQx+E8kt6DNcv42E+smxxV6+VEFwsUCEkv2hKrFgn5+O7/CXqjkUsufWKuwyYmxwocHQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Wed, 26 Mar 2025 16:32:15 GMT

GET
H2 200 UkK8zRoZ5Fy-3i_5eMmiBxXKxeBnBW_qHBBkop-hCN1gBYBHirbomYfDvYpEBKm4S9YbCuEc-5fOkPw4CdFlm7Ke-FwsSa03y0bBDFHLEGgqn1lOyVyFvyGdF50zlSTGZsWXqrZuL0eUQDINfWxzNsY-SD_fgP6HLwT7vKYBI6nWmp9LymGTYN0C7-O6XI2E7lRCL... Show response
static.cdninstagram.com/rsrc.php/v3ihFS4/yq/l/en_US/ 3 MB
546 KB 283ms
177ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3ihFS4/yq/l/en_US/UkK8zRoZ5Fy-3i_5eMmiBxXKxeBnBW_qHBBkop-hCN1gBYBHirbomYfDvYpEBKm4S9YbCuEc-5fOkPw4CdFlm7Ke-FwsSa03y0bBDFHLEGgqn1lOyVyFvyGdF50zlSTGZsWXqrZuL0eUQDINfWxzNsY-SD_fgP6HLwT7vKYBI6nWmp9LymGTYN0C7-O6XI2E7lRCLB9tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e3d5d1d1d880cd117081b947b81e9e1f7a2165393432793c2c19536030d0e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: ltYfa1IvxJHQcEAz7hR4AA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 558652
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=6, ullat=-1
x-fb-debug: XmiXVx9HcE+aj19iM5dgNQzYphYX+PJCyc42p5wNfrq/6+oGvVAidZeORCsz4s+3SwHg33cZDyBwq6XD/Gly2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Wed, 26 Mar 2025 17:12:36 GMT

GET
H2 200 lZrVRUeQIS9.js Show response
static.cdninstagram.com/rsrc.php/v3iaVR4/yW/l/en_US/ 907 KB
212 KB 281ms
176ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iaVR4/yW/l/en_US/lZrVRUeQIS9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d850d7927916b75e30a25ea54a35d8198342553824c6d335308ec8edb1a54ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: tFIjZijGVkOKcRH+PnRnew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 217148
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: DMV8v6sL8XnXXqMTQO/dp92gQ/SmXAc7SxjiGfmJ/COv8+f7Hsdn3Ks1ZUMWVeSJMcuITPNl4wnxYqATQoQBHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Mon, 24 Mar 2025 22:24:59 GMT

GET
H2 200 KN-uoZ--c_K.js Show response
static.cdninstagram.com/rsrc.php/v3iMku4/yj/l/en_US/ 149 KB
38 KB 282ms
177ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iMku4/yj/l/en_US/KN-uoZ--c_K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf812d2b2ca040a80b2d8112e3f1bc67173929a994ae0b513bf0d29c16f7c84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: X9wjqsHsYdHz4NiqqMbTow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 38518
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: YNvSWXhqkdbYtBCtoDSFm/5M3abP152W+pbSDHdwUsPenWXaxTSyiKYzg8iIMK/v4U8uIASfmB/ttpNVw4SepQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Tue, 25 Mar 2025 23:03:42 GMT

GET
H2 200 uJBM3BYMwPq.js Show response
static.cdninstagram.com/rsrc.php/v3iIec4/yN/l/en_US/ 267 KB
57 KB 282ms
176ms Script
application/x-javascript 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iIec4/yN/l/en_US/uJBM3BYMwPq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2ae78d101cab05c4395faa37308b05fac613c6d7e21ddfcf690738d2dd00993

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: RBXvn+nj6HUNEPfwseK80A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57717
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=101141, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: b11Dx+W428okZrHEm09OBOKMnKIUxFDPCeKfVPBfbzNHQwmzgV6htBpnnxMIv6W54jgB6ydN8oponvtZkA9XoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sun, 23 Mar 2025 15:51:14 GMT

GET
DATA 200
OK truncated Show response
/ 422 B
0 Script
application/x-javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79690b8ff5d31df844787e36d4048705a13bfd07f307e42e5087e235e3b16504

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: application/x-javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 277 B
0 Script
application/x-javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 857a5bcb9e09b1a3ed77b9d3d7a6ded10ab27d1a66ace4c39ffca422cef09da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: application/x-javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 126 B
0 Script
application/x-javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41bf28018cbba9df7f9cd3c09452d8b3fa2a8690a381f787113e23fe19c83d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: application/x-javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 961 B
0 Script
application/x-javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548ba844583be9db2a87dfdfa9a3cc30f52aff0eb6d164c2eb280b5470ed44ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: application/x-javascript;charset=utf-8

POST
H/1.1 200
OK /
instgram.azurewebsites.net/ajax/qm/ 284 B
2 KB 764ms
545ms Ping
application/x-javascript 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=21030

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/rMjUV3tlg5-.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

ef9be3b0bdd9c3ccbfb68630d52aee21c0b851242c0714bf3a7698b590d7b0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://instgram.azurewebsites.net/
dpr: 1
accept-language: de-DE,de;q=0.9
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 26 Mar 2024 18:55:34 GMT
Content-Encoding: zstd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Powered-By: ARR/3.0, ASP.NET
cross-origin-resource-policy: cross-origin
Content-Length: 225
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
Pragma: no-cache
X-FB-Debug: 3LG14jUQGDhGgt+ogC5nU6nuLaqof5gY5di7C+2pXYEVHTXpZh+fG1aon2G4mC9mJamG0l/i4BPNwpsmJy5foQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/x-javascript; charset=utf-8
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
application/x-javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a83a319c6e7bf8171265e277fe99f6be0443ce609df2d76316d1f2de1bcdfaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: application/x-javascript;charset=utf-8

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c26a441e8f1a26613711a8f79913c377cfc63a23a0a8be2c95404df76dd8a06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f55dccd814d12e9d1bbb5c1942f21fa597939fdf2feac788f46320b3184b119c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 VRfZTeX3evH.css
static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/ 684 KB
152 KB 68ms
67ms Stylesheet
text/css 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/VRfZTeX3evH.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

166f5464a7c7c2ad5af48fc84e091a239cf2efc303896019239486715f4d7348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: XaRsrjqIEX1X83LmCuoBMA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 155597
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=52, mss=1294, tbw=138667, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: ii+0gDEBYQcf8DGx/CBouVXFdyBUq1/entAdXfTCHK/S4MbK1vC4jxHgFB1bwafB6EZT38LCCe6iZG3liJtnug==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Wed, 26 Mar 2025 06:42:52 GMT

GET
DATA 200
OK truncated
/ 552 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79d5e68f02fe570940ec5d2e55e9f74e3f08206929392e4f019d2d94b0e42002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H/1.1 200
OK graphql Show response
instgram.azurewebsites.net/api/ 135 B
6 KB 1059ms
934ms XHR
text/javascript 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/api/graphql

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/OUNN9Kp7NQt.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

f7d789f1c2408a4ef0706eda6cacd23ab47efe8ee603f933a04c40a8865e1b8c

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
X-FB-Friendly-Name: PolarisAPIFetchBatchQuickPromotionsQuery
X-FB-LSD: AVqrOuIqYNg
Content-Type: application/x-www-form-urlencoded
Referer: https://instgram.azurewebsites.net/
X-ASBD-ID: 129477
dpr: 1
X-CSRFToken: FFe7pi4Q-eoi0E0Q_pNKGh
sec-ch-prefers-color-scheme: light
X-IG-App-ID: 936619743392459

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Content-Encoding: zstd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: same-site
Content-Length: 123
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: HrnJCVt2BI9LUFdMdhmogI1lpCZNInIaWM5XuD3IddJyP3NcK3x++nPGTIXNxhv78KlIdd+GxT5R3C9CFKSjUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/javascript; charset=utf-8
X-Frame-Options: DENY
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

POST /
www.facebook.com/csp/reporting/ 0
0

GET screenshot1.png
instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/ 0
0

POST /
www.facebook.com/csp/reporting/ 0
0

GET screenshot2.png
instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/ 0
0

POST /
www.facebook.com/csp/reporting/ 0
0

GET screenshot3.png
instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/ 0
0

POST /
www.facebook.com/csp/reporting/ 0
0

GET screenshot4.png
instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/ 0
0

GET
H3 200 QaBlI0OZiks.ico
static.cdninstagram.com/rsrc.php/y4/r/ 2 KB
2 KB 86ms
44ms Other
image/x-icon 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/y4/r/QaBlI0OZiks.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

d31ce478c9729130303a3537a43906bc8164debf5546f7ad4d1beed9d9b2c630

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instgram.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
x-content-type-options: nosniff
content-md5: w0Mdkn2RoKnppTjObJjGsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2214
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=33, mss=1232, tbw=5594, tp=14, tpl=0, uplat=2, ullat=-1
x-fb-debug: cV0XGKbg+d46SDJABZzNG9SIMMaVGpnRKBhrTvCpKxYQpjc31CuaM+WYMK7JRbx+g4ZdFnwBktaMe48pSXhaXg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Sat, 15 Mar 2025 02:01:56 GMT

GET
H3 200 home-phones.png
static.cdninstagram.com/images/instagram/xig/homepage/phones/ 97 KB
97 KB 88ms
46ms Image
image/png 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cdninstagram.com/images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/VRfZTeX3evH.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

75de72e5509f4c6eaecc24f8b5a0236b302d0c466470222c3fe4f2b1d775944f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.cdninstagram.com/rsrc.php/v3/yh/l/0,cross/VRfZTeX3evH.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Tue, 26 Mar 2024 18:55:35 GMT
x-content-type-options: nosniff
content-md5: Q/5BKlqOBE4jFU3mi3nyGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 99677
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=33, mss=1232, tbw=24234, tp=31, tpl=0, uplat=4, ullat=-1
x-fb-debug: 6tmrv7jPlf4zFL4OUscm6TPg49ZOd0HgG+goe77vaWsoE1hft1+GOsiUwJS9i9vsH3nmvYvejge9nV9+SrTVaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Wed, 27 Mar 2024 02:45:41 GMT

GET
H3 200 8n91YnfPq0s.png
static.cdninstagram.com/rsrc.php/v3/yM/r/ 8 KB
8 KB 85ms
43ms Image
image/png 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yM/r/8n91YnfPq0s.png

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

3c872bf3a6e0470d517b154027b379cd5031f3d00abd3e4f96da8bff77e09ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instgram.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
x-content-type-options: nosniff
content-md5: /xUMiK2Pbd8N4sm8cegl3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7770
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=33, mss=1232, tbw=4458, tp=13, tpl=0, uplat=2, ullat=-1
x-fb-debug: 1oqCGXSMLgd/H6WB3OdquhW6XNxR4DTmUE8AjqQO0Uzu8OmF/lmO6JMxPqJPHghEJNLpkAzi7+5FNhbIubSWnw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Sat, 15 Mar 2025 02:15:08 GMT

GET
H3 200 Mba0qSerMxw.js Show response
static.cdninstagram.com/rsrc.php/v3/yW/r/ 76 KB
20 KB 43ms
43ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yW/r/Mba0qSerMxw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

38d9d0c56422c23eb115d5cbd59e8af774aa5a3634dc34ecd7fc484009c74e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: 85cw5v2RzMLuE4dq0OvTtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20044
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=4488, tp=13, tpl=0, uplat=2, ullat=-1
x-fb-debug: 7IgGjQ2OD7WZwrQCWOIabd6ZQZqG+ldpESMCw2YmZ91c9tRFkQ2NA+tz1qHtM/8iUF59gLfk2MDMSZ2CNyXQeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Sun, 23 Mar 2025 15:45:39 GMT

GET
H3 200 j265y9YAFNJ.js Show response
static.cdninstagram.com/rsrc.php/v3iM_z4/yV/l/en_US/ 658 KB
157 KB 50ms
49ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iM_z4/yV/l/en_US/j265y9YAFNJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

e62ead72366fb00e7b62f1dc1ebf53fc807c0a24c4244127fa7ace1338859c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: Xxxtsv6Wp7Jzf4MLuSR7pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 160893
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=26184, tp=31, tpl=0, uplat=6, ullat=-1
x-fb-debug: 3W36Qn3iqO+gK++5dVAss5HIZQe6HSVmrh3Y8Au1m15mjYE7olvYwPzlX4uDQNbuhwP6LuccNloO4s6C7N4YoQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Wed, 26 Mar 2025 00:30:54 GMT

GET
H3 200 0qtm87LIakq.js Show response
static.cdninstagram.com/rsrc.php/v3ix8E4/yW/l/en_US/ 107 KB
27 KB 51ms
50ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3ix8E4/yW/l/en_US/0qtm87LIakq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

dc77b0ed82e1298a7351b22a5fd2a2e9b4a6544b506d0a0304c127cde7cdf104

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: EHspirHXba5shgzVhL1G5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27089
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=26184, tp=31, tpl=0, uplat=6, ullat=-1
x-fb-debug: q9KcSf4g94q9zJpAJ52w6sSAG7ciTP7lTtZ0XPVy16sHlHDEunoHDzAlvsiUtELdNTsjHVxcs0cW5eCuj2zatQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Sun, 23 Mar 2025 15:48:20 GMT

GET
H3 200 Szy3QSKi4t7v5Fl1LsX7O8M-c2BIhVpAC0Ha3Y31Mm4EqQLjNwjl_faL0-4JKFZrXYXZcroSmKa90.js Show response
static.cdninstagram.com/rsrc.php/v3iSnd4/yL/l/en_US/ 105 KB
29 KB 130ms
129ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iSnd4/yL/l/en_US/Szy3QSKi4t7v5Fl1LsX7O8M-c2BIhVpAC0Ha3Y31Mm4EqQLjNwjl_faL0-4JKFZrXYXZcroSmKa90.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

ee6ff548661a2790d21dba64b5413ad050a8eda3e79b49a20a4272d53ac46604

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: XKgulfdldcyo/s5g3yQH+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29260
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=57480, tp=57, tpl=0, uplat=7, ullat=-1
x-fb-debug: VhsZUbUL66OUA1dXG9r7tGiNKQJ58ZKgQSSDHoO0rOzS/dr06fU/FwZ011KoCPC3MKbb3P5oMAnc0KArt7R18w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Wed, 26 Mar 2025 16:54:57 GMT

GET
H3 200 yVy6wiPFdsS.js Show response
static.cdninstagram.com/rsrc.php/v3i7M54/yE/l/en_US/ 43 KB
12 KB 132ms
131ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3i7M54/yE/l/en_US/yVy6wiPFdsS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

fb27d5d3cbd6c2896cf38feabff52e281fe94d04f217c4536f05a9f76c341c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: F2DAruICkFdEZkNx3ks1fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12621
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=57480, tp=57, tpl=0, uplat=7, ullat=-1
x-fb-debug: rOvzFuomc1QXg3GPbO2kKkXNeRZEciqAcWBhIpEwkLIz8pnmyZuNo6BmIy4xHKFDgJaY+e9MhrOmh1qgK5lkrw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Sun, 23 Mar 2025 15:51:15 GMT

GET
H3 200 E_o3t63Q3tF.js Show response
static.cdninstagram.com/rsrc.php/v3i_Lz4/y3/l/en_US/ 454 KB
93 KB 134ms
133ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3i_Lz4/y3/l/en_US/E_o3t63Q3tF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

60e331ec2255e763de2059a1dc973c5339e24f50a8d5cd91d35bdabc4e1e1ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: PrU7/GbTa0AAQqloUmxtGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95333
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=64872, tp=63, tpl=0, uplat=7, ullat=-1
x-fb-debug: wWi9lGyzHIS0v0dOvoKqkAJ3FOvsh2SxyddzvccMsZqgQ/iAoyuQw6655j3lGSt5SxlCI0hAjCdNSjagY+HvfA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Wed, 26 Mar 2025 13:47:57 GMT

GET
H3 200 wMX1SRmuPgU.js Show response
static.cdninstagram.com/rsrc.php/v3/yl/r/ 168 KB
49 KB 142ms
141ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

cb105f383f1c8c4e49513ece1bbf600aedd0b7c0c463d2e5e2a533cb7cd02c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: iviKj1N6TFuxdXJM2zjJrg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 50241
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=45160, tp=47, tpl=0, uplat=5, ullat=-1
x-fb-debug: tMiXJaSIxSUtWt9EsoZd/6rs4blrOpEfcIo1CKI6RKGk/Vu47nthnc29zwXjKNS1kSHfXjX6XyoeGmfbPzN7WA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Sun, 23 Mar 2025 15:43:20 GMT

GET
H3 200 sXULCSPFEBJ.js Show response
static.cdninstagram.com/rsrc.php/v3iiC64/yl/l/en_US/ 40 KB
11 KB 162ms
162ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3iiC64/yl/l/en_US/sXULCSPFEBJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

a5599455b645882378f0199f8599c378494fcba0ebf17b36ded1faad4cd9ee6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: 2YSiRE0ISzeSqWoQpvxpXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11600
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=48, mss=1232, tbw=64872, tp=63, tpl=0, uplat=6, ullat=-1
x-fb-debug: VaA29BGeFNzfCgEOoHpygbzDLM4q3o3AcLA58loR/edPv89zN6lQCwcXK1A7oGZhvbNPsclzhVeQgJIVwLprSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Wed, 26 Mar 2025 16:54:57 GMT

POST
H/1.1 200
OK / Show response
instgram.azurewebsites.net/ajax/bulk-route-definitions/ 5 KB
7 KB 773ms
567ms XHR
text/javascript 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bulk-route-definitions/

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/OUNN9Kp7NQt.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

34b42f73a84ee7448f5efbea946c17e888aaf28b766662db4a360d526ede4b89

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-IG-D: www
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: AVqrOuIqYNg
Referer: https://instgram.azurewebsites.net/
X-ASBD-ID: 129477
dpr: 1
sec-ch-prefers-color-scheme: light

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Content-Encoding: zstd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: same-site
Content-Length: 1389
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: qNOPaGDRK80yaUcq/6Le9dKWQIiTFxgwoT8r5ODXgSJMm19dZcVjb51Im0wrqgUp1STamjkFdGGtBEZjcR9pjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/javascript; charset=utf-8
X-Frame-Options: DENY
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK / Show response
instgram.azurewebsites.net/ajax/bulk-route-definitions/ 6 KB
8 KB 1212ms
560ms XHR
text/javascript 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bulk-route-definitions/

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/OUNN9Kp7NQt.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

36a35ba3d6d42ad04dd7233ef1e3c34bece36a0b947243d68cc0bdca9f3fab05

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-IG-D: www
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: AVqrOuIqYNg
Referer: https://instgram.azurewebsites.net/
X-ASBD-ID: 129477
dpr: 1
sec-ch-prefers-color-scheme: light

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Content-Encoding: zstd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: same-site
Content-Length: 1739
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: WXUism8e712qFZ9Kw5ngapHc3DCQPQDVCODmkeroEZFxVpdOTjDhCNDvmoE3Km9ZdPMQnMtmo++GyYSpYR7ZLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/javascript; charset=utf-8
X-Frame-Options: DENY
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK / Show response
instgram.azurewebsites.net/ajax/bulk-route-definitions/ 7 KB
8 KB 1227ms
563ms XHR
text/javascript 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bulk-route-definitions/

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ifR14/yx/l/en_US/OUNN9Kp7NQt.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

87e2ac76a3e7332fcbcf9541ccc8fa2d05e66f6b7adb5597391e6461504a7bc1

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-IG-D: www
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: AVqrOuIqYNg
Referer: https://instgram.azurewebsites.net/
X-ASBD-ID: 129477
dpr: 1
sec-ch-prefers-color-scheme: light

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Content-Encoding: zstd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: same-site
Content-Length: 1767
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: P4DUbDy79J/MnLW+1nHN0x5k/Yk3b7VNGeuPBH6xGlYIH1O9qfLNMYlkL3K7iuX2WWL4RcXWeBBHZQSF70bKxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/javascript; charset=utf-8
X-Frame-Options: DENY
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 c5Rp7Ym-Klz.png
static.cdninstagram.com/rsrc.php/v3/yz/r/ 6 KB
6 KB 68ms
47ms Image
image/png 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

923d80c7ae9a06d102f46b3e47564fa6fadd9a2f3dd3633cc19ac5eeb25bd4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instgram.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
x-content-type-options: nosniff
content-md5: /8D8PMcMfnd1qDPcgXbNuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5975
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=33, mss=1232, tbw=25674, tp=33, tpl=0, uplat=3, ullat=-1
x-fb-debug: yh5e1hE62xhy+w+cAYxi+48Be1OkiZsaQ/wn/LGi3RPWIxYlxW/X+moynvMGdRLP9FFoWgf52af0BtjZFVYr7Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Fri, 14 Mar 2025 02:29:26 GMT

GET
H3 200 EHY6QnZYdNX.png
static.cdninstagram.com/rsrc.php/v3/yu/r/ 8 KB
8 KB 65ms
45ms Image
image/png 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yu/r/EHY6QnZYdNX.png

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

7ad8498fcc83f0cf754e7af0e03b8e73a937514c16ef59d7f20342d1a6d30a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instgram.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:35 GMT
x-content-type-options: nosniff
content-md5: GMg6Ph3avEYo1exT0nCveA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7694
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=33, mss=1232, tbw=16074, tp=23, tpl=0, uplat=3, ullat=-1
x-fb-debug: JkzGRzkL5RPwaTgzOGCsxpQAV5gTB7+cxPFwoqDUX7Y6SdIyOvFouhSuC0vdBj7Utt0SK8oq5q82dUB4KF4E9g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Fri, 14 Mar 2025 04:58:33 GMT

POST
H/1.1 200
OK bz Show response
instgram.azurewebsites.net/ajax/ 0
6 KB 1049ms
535ms XHR
text/html 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19808.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7350747767848382774&__req=5&__rev=1012318666&__s=rvmjkt%3Aq7i7xr%3An9tiiq&__spin_b=trunk&__spin_r=1012318666&__spin_t=1711479334&__user=0&dpr=1&jazoest=21030&lsd=AVqrOuIqYNg&ph=C3

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3ihFS4/yq/l/en_US/UkK8zRoZ5Fy-3i_5eMmiBxXKxeBnBW_qHBBkop-hCN1gBYBHirbomYfDvYpEBKm4S9YbCuEc-5fOkPw4CdFlm7Ke-FwsSa03y0bBDFHLEGgqn1lOyVyFvyGdF50zlSTGZsWXqrZuL0eUQDINfWxzNsY-SD_fgP6HLwT7vKYBI6nWmp9LymGTYN0C7-O6XI2E7lRCLB9tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://instgram.azurewebsites.net/
dpr: 1
accept-language: de-DE,de;q=0.9
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywW4BnL3i7aVi8toA

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
Content-Length: 0
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: I76Sx/qu8O/tnmD2ofkgTkAxhCW1Nu2EnLeDkBVNl2Em4LdigSJky5YaRU+9BdRTjcl043pYnAQvLM8u9QmcoA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Frame-Options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/html; charset="utf-8"
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK bz Show response
instgram.azurewebsites.net/ajax/ 0
6 KB 520ms
519ms XHR
text/html 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19808.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7350747767848382774&__req=6&__rev=1012318666&__s=rvmjkt%3Aq7i7xr%3An9tiiq&__spin_b=trunk&__spin_r=1012318666&__spin_t=1711479334&__user=0&dpr=1&jazoest=21030&lsd=AVqrOuIqYNg&ph=C3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://instgram.azurewebsites.net/
dpr: 1
accept-language: de-DE,de;q=0.9
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXwkGzjCCKBkarrY0

Response headers

Date: Tue, 26 Mar 2024 18:55:35 GMT
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
Content-Length: 0
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: t9x1YHec3i3ZMlitItwCZsRLuHKYp19P0p60UgpjXuAcIWFX0QNQzrKkG++qorhoi1+4QTZtOB8M1pg4Ip1/RQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Frame-Options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/html; charset="utf-8"
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 logging_client_events
graph.instagram.com/ 0
0 206ms
199ms Preflight
application/json 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.instagram.com/logging_client_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-asbd-id
Access-Control-Request-Method: POST
Origin: https://instgram.azurewebsites.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-headers: x-asbd-id
access-control-allow-methods: GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-type: application/json; charset=UTF-8
date: Tue, 26 Mar 2024 18:55:36 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
pragma: no-cache
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Origin
x-fb-debug: oPu81u/Q4Ah/cXGi9K3wRFwuuBJmyf52iEi/JCH41ZYAB6MEdCRvxmJMRF2KDECbml+0nuv+gZIpKAIOst8ttQ==
x-fb-request-id: Am_PFQrrBt23UanvlT0nvV7
x-fb-rev: 1012318666
x-fb-trace-id: B5PHgFAvnBA
x-stack: www

POST logging_client_events
graph.instagram.com/ 0
0

GET
H3 200 E2a9WfQDMxE.js Show response
static.cdninstagram.com/rsrc.php/v3/yc/r/ 2 KB
458 B 40ms
39ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

eb34bf2a9c8e2bf6da1b90a368f597d905dbc525825358acafe5401bf31dce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:36 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: V8avxD4OWzSTSzk9O+lJ0g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 316
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=2, c=382, mss=1232, tbw=425512, tp=359, tpl=2, uplat=1, ullat=-1
x-fb-debug: bEOWAbfojwNxbQ+W98RkjjsB+ZTH8DTfS9Oo3EHzgrIs+u2DM3a4HG5ZhTIZn90VmHnfEgmFiRSusyqQ4CP77Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Tue, 25 Mar 2025 15:21:10 GMT

GET
H3 200 7KFSuqiN3rP.js Show response
static.cdninstagram.com/rsrc.php/v3/ys/r/ 963 B
400 B 40ms
40ms Script
application/x-javascript 157.240.252.63
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdninstagram.com/rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.cdninstagram.com
URL: https://static.cdninstagram.com/rsrc.php/v3/yo/r/noD1oQJiCYY.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.63 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p3-shv-01-fra3.fbcdn.net

Software

Resource Hash

17be4317664330f160a5ef2f045d07ff8cde6bde12441aa47256a747e65374fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://instgram.azurewebsites.net/
Origin: https://instgram.azurewebsites.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 18:55:36 GMT
content-encoding: zstd
x-content-type-options: nosniff
content-md5: dHbs5YchUQr3SAxei/9Ewg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 260
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=2, c=382, mss=1232, tbw=426264, tp=362, tpl=2, uplat=1, ullat=-1
x-fb-debug: Af2P28HLUP3BxGWfkZbqdyqFHcdG5ct+KXYZ9+ptjuX4ZWGSsJdSI33GDbTa8HAbcB3AzCvutm4hgz8xlrrP6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1
expires: Sat, 15 Mar 2025 04:41:52 GMT

POST
H/1.1 200
OK bz Show response
instgram.azurewebsites.net/ajax/ 0
6 KB 1627ms
1626ms XHR
text/html 65.52.168.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://instgram.azurewebsites.net/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19808.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7350747767848382774&__req=7&__rev=1012318666&__s=rvmjkt%3Aq7i7xr%3An9tiiq&__spin_b=trunk&__spin_r=1012318666&__spin_t=1711479334&__user=0&dpr=1&jazoest=21030&lsd=AVqrOuIqYNg&ph=C3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.52.168.70 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0, ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://instgram.azurewebsites.net/
dpr: 1
accept-language: de-DE,de;q=0.9
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
viewport-width: 1600
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySAwp6sFWd3p0aJZ3

Response headers

Date: Tue, 26 Mar 2024 18:55:36 GMT
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
X-Powered-By: ARR/3.0, ASP.NET
Content-Security-Policy-Report-Only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob: https://*.giphy.com;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
Content-Length: 0
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
Pragma: no-cache
X-FB-Debug: D/M34PqO6PVnqnWzES2/BUdfusZgNZe4FFG1PKlbrIoWSgYCW067nS0rssHY4GfF/RyiNSeKFPfSGwzWu00y0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Frame-Options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Content-Type: text/html; charset="utf-8"
origin-agent-cluster: ?0
Cache-Control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/csp/reporting/?minimize=0

Domain: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www

Domain: www.facebook.com
URL: https://www.facebook.com/csp/reporting/?minimize=0

Domain: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www

Domain: www.facebook.com
URL: https://www.facebook.com/csp/reporting/?minimize=0

Domain: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www

Domain: www.facebook.com
URL: https://www.facebook.com/csp/reporting/?minimize=0

Domain: instgram.azurewebsites.net
URL: https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www

Domain: graph.instagram.com
URL: https://graph.instagram.com/logging_client_events

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.instgram.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: ad26f9a6bd8a60cc0a709ea5aba83deeee69ecdeb9e8ed99f43a1cd50f09889a
			.instgram.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: ad26f9a6bd8a60cc0a709ea5aba83deeee69ecdeb9e8ed99f43a1cd50f09889a

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	error	URL: https://instgram.azurewebsites.net/ Message: [Report Only] Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster: .giphy.com .teststagram.com .igsonar.com *.google-analytics.com".
security	error	URL: https://instgram.azurewebsites.net/ Message: Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net".
security	error	URL: https://instgram.azurewebsites.net/ Message: [Report Only] Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster: .giphy.com .teststagram.com .igsonar.com *.google-analytics.com".
security	error	URL: https://instgram.azurewebsites.net/ Message: Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net".
security	error	URL: https://instgram.azurewebsites.net/ Message: [Report Only] Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster: .giphy.com .teststagram.com .igsonar.com *.google-analytics.com".
security	error	URL: https://instgram.azurewebsites.net/ Message: Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net".
security	error	URL: https://instgram.azurewebsites.net/ Message: [Report Only] Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster: .giphy.com .teststagram.com .igsonar.com *.google-analytics.com".
security	error	URL: https://instgram.azurewebsites.net/ Message: Refused to load the image 'https://instgram.azurewebsites.net/images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www' because it violates the following Content Security Policy directive: "img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net".
recommendation	verbose	URL: https://instgram.azurewebsites.net/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://instgram.azurewebsites.net/ Message: Access to XMLHttpRequest at 'https://graph.instagram.com/logging_client_events' from origin 'https://instgram.azurewebsites.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://graph.instagram.com/logging_client_events Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com https://translate.google.com https://apis.google.com https://accounts.google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net https://meta.privacy-gateway.cloudflare.com/relay;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .oculuscdn.com www.googleadservices.com .doubleclick.net .google.com .google.co.uk .giphy.com .teststagram.com .igsonar.com .google-analytics.com .whatsapp.net;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob: https://.giphy.com;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data: www.googleadservices.com .doubleclick.net .google.com *.google.co.uk;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

graph.instagram.com
instgram.azurewebsites.net
static.cdninstagram.com
www.facebook.com
graph.instagram.com
instgram.azurewebsites.net
www.facebook.com
157.240.252.63
2a03:2880:f277:c0:face:b00c:0:43fe
65.52.168.70
0d850d7927916b75e30a25ea54a35d8198342553824c6d335308ec8edb1a54ee
166f5464a7c7c2ad5af48fc84e091a239cf2efc303896019239486715f4d7348
17be4317664330f160a5ef2f045d07ff8cde6bde12441aa47256a747e65374fe
34b42f73a84ee7448f5efbea946c17e888aaf28b766662db4a360d526ede4b89
36a35ba3d6d42ad04dd7233ef1e3c34bece36a0b947243d68cc0bdca9f3fab05
38d9d0c56422c23eb115d5cbd59e8af774aa5a3634dc34ecd7fc484009c74e57
3c872bf3a6e0470d517b154027b379cd5031f3d00abd3e4f96da8bff77e09ba3
41bf28018cbba9df7f9cd3c09452d8b3fa2a8690a381f787113e23fe19c83d2e
548ba844583be9db2a87dfdfa9a3cc30f52aff0eb6d164c2eb280b5470ed44ad
60e331ec2255e763de2059a1dc973c5339e24f50a8d5cd91d35bdabc4e1e1ca7
74d8dd0913f5700fe5e0fbe6af587d8b5856e29ff8e609b1156b4724ce23c793
75de72e5509f4c6eaecc24f8b5a0236b302d0c466470222c3fe4f2b1d775944f
79690b8ff5d31df844787e36d4048705a13bfd07f307e42e5087e235e3b16504
79d5e68f02fe570940ec5d2e55e9f74e3f08206929392e4f019d2d94b0e42002
7ad8498fcc83f0cf754e7af0e03b8e73a937514c16ef59d7f20342d1a6d30a4c
7c26a441e8f1a26613711a8f79913c377cfc63a23a0a8be2c95404df76dd8a06
857a5bcb9e09b1a3ed77b9d3d7a6ded10ab27d1a66ace4c39ffca422cef09da7
87e2ac76a3e7332fcbcf9541ccc8fa2d05e66f6b7adb5597391e6461504a7bc1
8e3d5d1d1d880cd117081b947b81e9e1f7a2165393432793c2c19536030d0e2e
923d80c7ae9a06d102f46b3e47564fa6fadd9a2f3dd3633cc19ac5eeb25bd4ad
9278162c85b462792d6146bd54fd5cd58839c24816457164e5c049551cc4ab41
a2ae78d101cab05c4395faa37308b05fac613c6d7e21ddfcf690738d2dd00993
a5599455b645882378f0199f8599c378494fcba0ebf17b36ded1faad4cd9ee6a
a83a319c6e7bf8171265e277fe99f6be0443ce609df2d76316d1f2de1bcdfaa2
cb105f383f1c8c4e49513ece1bbf600aedd0b7c0c463d2e5e2a533cb7cd02c60
cf812d2b2ca040a80b2d8112e3f1bc67173929a994ae0b513bf0d29c16f7c84b
d31ce478c9729130303a3537a43906bc8164debf5546f7ad4d1beed9d9b2c630
d9c9993b92744bf5ec761f893831d0fc522faca1516a2d3b88fd6dd1e36abc61
dc77b0ed82e1298a7351b22a5fd2a2e9b4a6544b506d0a0304c127cde7cdf104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62ead72366fb00e7b62f1dc1ebf53fc807c0a24c4244127fa7ace1338859c9a
eb34bf2a9c8e2bf6da1b90a368f597d905dbc525825358acafe5401bf31dce84
ee6ff548661a2790d21dba64b5413ad050a8eda3e79b49a20a4272d53ac46604
ef9be3b0bdd9c3ccbfb68630d52aee21c0b851242c0714bf3a7698b590d7b0b1
f55dccd814d12e9d1bbb5c1942f21fa597939fdf2feac788f46320b3184b119c
f7d789f1c2408a4ef0706eda6cacd23ab47efe8ee603f933a04c40a8865e1b8c
fb27d5d3cbd6c2896cf38feabff52e281fe94d04f217c4536f05a9f76c341c6f

instgram.azurewebsites.net Open in urlscan Pro 65.52.168.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

42 Requests

79 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2026 kBTransfer

8486 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

instgram.azurewebsites.net Open in urlscan Pro
65.52.168.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

79 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2026 kB
Transfer

8486 kB
Size

2
Cookies

42 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!