"403 Forbidden" for images on i.sstatic.net

Ask Question

Asked yesterday

Modified yesterday

Viewed 133 times

I'm getting "403 Forbidden" for images loading from https://i.sstatic.net

I first noticed it for profile pictures, including mine here on meta (which is the link in the image above. When I loaded the picture directly I got a cloudflare captcha. After solving I could view the image directly but this didn't affect loading on stackexchange.

It is also affecting regular images including the one in this post.

Is this just a local issue for me or is this a tightening of rules on the domain?

I'm not using a VPN, I'm just using a static business IP, with windows and chrome.

EDIT: it's affecting chrome logged in and logged out, and logged out in a incognito browser with no extensions. It's not affecting Firefox logged out

Full response headers

Failed response body

From the console it's reporting that it's a NotSameOrigin error

edited yesterday

asked yesterday

Sam Dean

42522 silver badges1010 bronze badges

In which country are you, maybe it is related to meta.stackexchange.com/questions/413095/…?

Marijn
– Marijn

2025-10-13 10:35:17 +00:00
Commented yesterday
1

@Marijn I don't think so. i.sstatic.net is the stackexchange owned domain they moved to from imgur

Sam Dean
– Sam Dean

2025-10-13 12:08:32 +00:00
Commented yesterday
What's the Content-Type and response body?

wizzwizz4
– wizzwizz4

2025-10-13 12:15:26 +00:00
Commented yesterday
@wizzwizz4 added those to the question. I am in the UK

Sam Dean
– Sam Dean

2025-10-13 12:24:13 +00:00
Commented yesterday
1

For the last week or so, a lot of images in pages fail to load initially (both on the main sites & in chat), but they may appear after attempting to open them directly. We discussed this issue here: chat.meta.stackexchange.com/transcript/89?m=10227688#10227688

PM 2Ring
– PM 2Ring

2025-10-13 13:20:33 +00:00
Commented yesterday
If you open the image in a new tab, how does it respond? When you have that tab open and go to the developer console, can you under application/cookies/i.static.net remove all cookies and reload? Any different headers? Did you get any cf-* named headers? Can you switch network provider / ISP and try again?

rene
– rene Mod

2025-10-13 13:23:15 +00:00
Commented yesterday
@rene If I open the image then I get a cloudflare captcha and then I can see the image. When on stackexchange.com I have no i.sttatic.net cookies regardless of if it's a browser where I can see them or not. No different headers to the ones in the image. From the same ISP it works in firefox

Sam Dean
– Sam Dean

2025-10-13 14:03:04 +00:00
Commented yesterday
4

So it is a cloudflare issue then. The "you might not be a human" flag got raised by CF on the i.static.net domain but not (yet?) on the stackexchange domain. Given images don't have a mean to present you with a captcha and/.or fingerprint your browser it has no mean to be confident you're not a bot (hence the 403). That changed when you directly visited the image, now CF can send a response with logic in it and potentially a captcha or whatnot. I think SE should discuss with CF if they can handle this scenario more gracefully.

rene
– rene Mod

2025-10-13 14:19:31 +00:00
Commented yesterday
FWIW, that final "Console Errors" image failed to load for me, until I opened it directly.

PM 2Ring
– PM 2Ring

2025-10-13 15:40:32 +00:00
Commented yesterday
2

Possibly related: meta.stackoverflow.com/q/435178/4014959

PM 2Ring
– PM 2Ring

2025-10-14 09:15:20 +00:00
Commented 20 hours ago

Add a comment |

0 You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.

Stack Exchange Network

"403 Forbidden" for images on i.sstatic.net

0

You must log in to answer this question.

Linked

Hot Network Questions

"403 Forbidden" for images on i.sstatic.net

0

You must log in to answer this question.

Linked

Related

Hot Network Questions