urlscan.io logo urlscan.io
SecurityTrails logo

applogin.jll.com Open in urlscan Pro
34.203.255.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de7444e8ce34eccb2a82dc477...
Effective URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3...
Submission: On January 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 34.203.255.192, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is applogin.jll.com. The Cisco Umbrella rank of the primary domain is 798314.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on July 31st 2020. Valid for: 2 years.
This is the only time applogin.jll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.144.64.51 29954 (JLL-AM-CHI)
1 2 34.203.255.192 14618 (AMAZON-AES)
3 143.204.98.5 16509 (AMAZON-02)
1 95.100.153.80 ()
8 4
Apex Domain
Subdomains		 Transfer
5 jll.com
cmoglobal.jll.com
applogin.jll.com — Cisco Umbrella Rank: 798314
authn.jll.com
10 KB
3 oktacdn.com
ok1static.oktacdn.com — Cisco Umbrella Rank: 18020
104 KB
0 go-mpulse.net Failed
s.go-mpulse.net Failed
8 3
Domain Requested by
3 ok1static.oktacdn.com applogin.jll.com
2 applogin.jll.com 1 redirects
2 cmoglobal.jll.com 2 redirects
1 authn.jll.com applogin.jll.com
0 s.go-mpulse.net Failed authn.jll.com
8 5

This site contains no links.

Subject Issuer Validity Valid
applogin.jll.com
DigiCert SHA2 High Assurance Server CA		 2020-07-31 -
2022-08-05		 2 years crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-22		 a year crt.sh
authn.jll.com
DigiCert SHA2 Extended Validation Server CA		 2021-08-03 -
2022-08-03		 a year crt.sh

This page contains 3 frames:

Frame: https://authn.jll.com/
Frame ID: AE6C5D632EF59D0C58BFE90039BFD090
Requests: 6 HTTP requests in this frame

Frame: https://authn.jll.com/loading.html
Frame ID: DAAEF96F5E54329EBCFA4B6AB1C55633
Requests: 1 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
Frame ID: 53EB0144BDF2500478288C4B32FB3943
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JLL - Wird angemeldet…

Page URL History Show full URLs

  1. https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de744... HTTP 302
    https://cmoglobal.jll.com/Handlers/ChangeEnvironment.ashx?UserID=90283&DestinationUrl=%2fDocument%2fDo... HTTP 302
    https://applogin.jll.com/app/template_wsfed/exk1kedprrqzipVk10h8/sso/wsfed/passive?wa=wsignin1.0&wtre... HTTP 302
    https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

112 kB
Transfer

306 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de7444e8ce34eccb2a82dc47732dc9e562e4045b950f97ae3e501ca HTTP 302
    https://cmoglobal.jll.com/Handlers/ChangeEnvironment.ashx?UserID=90283&DestinationUrl=%2fDocument%2fDocumentView.aspx%3fID%3d614161 HTTP 302
    https://applogin.jll.com/app/template_wsfed/exk1kedprrqzipVk10h8/sso/wsfed/passive?wa=wsignin1.0&wtrealm=https%3a%2f%2fcmoglobal.jll.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fHandlers%252fChangeEnvironment.ashx%253fUserID%253d90283%2526DestinationUrl%253d%25252fDocument%25252fDocumentView.aspx%25253fID%25253d614161&wct=2022-01-11T12%3a54%3a23Z HTTP 302
    https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.htm
applogin.jll.com/login/
Redirect Chain
  • https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de7444e8ce34eccb2a82dc47732dc9e562e4045b950f97ae3e501ca
  • https://cmoglobal.jll.com/Handlers/ChangeEnvironment.ashx?UserID=90283&DestinationUrl=%2fDocument%2fDocumentView.aspx%3fID%3d614161
  • https://applogin.jll.com/app/template_wsfed/exk1kedprrqzipVk10h8/sso/wsfed/passive?wa=wsignin1.0&wtrealm=https%3a%2f%2fcmoglobal.jll.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fHandlers%252fChangeEn...
  • https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3D...
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.255.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
hbo-crtrs.okta.com
Software
nginx /
Resource Hash
98e44c376d8c137cb3df004598e1e8c6062f9ccf8c94fd975d3aad62d87b8b09
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 11 Jan 2022 12:54:24 GMT
Server
nginx
Content-Type
text/html;charset=utf-8
Vary
Accept-Encoding
x-okta-request-id
Yd1@ANbI0gV9L@IHkWqU2AAACiQ
x-xss-protection
0
p3p
CP="HONK"
x-rate-limit-limit
4000
x-rate-limit-remaining
3983
x-rate-limit-reset
1641905719
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
cache-control
no-cache, no-store
pragma
no-cache
expires
0
x-content-type-options
nosniff
content-language
de
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
Content-Encoding
gzip
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Tue, 11 Jan 2022 12:54:24 GMT
Server
nginx
Content-Length
0
x-okta-request-id
Yd1@ANbI0gV9L@IHkWqU1wAACiQ
x-xss-protection
0
p3p
CP="HONK"
location
https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
content-language
en
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js
ok1static.oktacdn.com/assets/js/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok1static.oktacdn.com/assets/js/jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js
Requested by
Host: applogin.jll.com
URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4a92592a10ee14828698950e3f4ce5d0b011fca631839c64d45f25637c7e2d1a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://applogin.jll.com/
Origin
https://applogin.jll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"05ced5937a65bd185b03749fdd833c98"
age
1345811
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 23 Feb 2021 04:30:07 GMT
server
nginx
date
Sun, 26 Dec 2021 23:10:36 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5g8ZRxakQii9Rzfi2GIh5H4xdNRwBGxEP15MLK0SOwlHUQkLkcHzcg==
expires
Mon, 26 Dec 2022 23:04:13 GMT
interstitial.c945088417aad49efdd215eaef52f687.css
ok1static.oktacdn.com/assets/css/sections/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok1static.oktacdn.com/assets/css/sections/interstitial.c945088417aad49efdd215eaef52f687.css
Requested by
Host: applogin.jll.com
URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6396727ee9ab2c53da5804488cab3abcccb98f34e9171261b30bc7fe68951577
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://applogin.jll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"c945088417aad49efdd215eaef52f687"
age
648512
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 13 Dec 2021 23:40:43 GMT
server
nginx
date
Tue, 04 Jan 2022 00:45:52 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8c4Tr071QlyAndD6kAEF910CGLY7SWLUOgfh0BqhYvRxPxXpHvIIyA==
expires
Wed, 04 Jan 2023 00:45:52 GMT
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok1static.oktacdn.com/assets/js/app/sso/ 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok1static.oktacdn.com/assets/js/app/sso/interstitial.474dce61acfac4a4d016921943cf2a68.js
Requested by
Host: applogin.jll.com
URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://applogin.jll.com/
Origin
https://applogin.jll.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"474dce61acfac4a4d016921943cf2a68"
age
36973
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 16 Jan 2019 04:37:15 GMT
server
nginx
date
Tue, 11 Jan 2022 02:38:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Nl2jyxEYZcQlZ5Y1kOrdXXiCL8E6Z5wbYBNSBODDnect5E9vZhgv3A==
expires
Wed, 11 Jan 2023 02:38:11 GMT
loading.html
authn.jll.com/ Frame DAAE 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authn.jll.com/loading.html
Requested by
Host: applogin.jll.com
URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://applogin.jll.com/

Response headers

content-type
text/html
last-modified
Sat, 28 Aug 2021 04:05:26 GMT
accept-ranges
bytes
etag
"0751eec19bd71:0"
access-control-allow-origin
https://jll.okta.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-akamai-transformed
9 - 0 pmb=mRUM,1
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 11 Jan 2022 12:54:30 GMT
content-length
1946
server-timing
edge; dur=44 origin; dur=337 cdn-cache; desc=MISS
/
authn.jll.com/ 		0
0
2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
s.go-mpulse.net/boomerang/ Frame 53EB 		0
0
/
authn.jll.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
authn.jll.com
URL
https://authn.jll.com/
Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
Domain
authn.jll.com
URL
https://authn.jll.com/

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| okta function| $ function| jQuery number| interstitialMinWaitTime

4 Cookies

Domain/Path Name / Value
cmoglobal.jll.com/ Name: BIGipServercmoglobal_pool
Value: !xc3oDTgJtWKrqO5nqkQSIDK7iamL/I0C0qKZcGjlvBzzhqixRo29oc+/3qC87k1mhi72OGXMik1Bkg==
applogin.jll.com/ Name: JSESSIONID
Value: 2BDF81899CF646A29B51DED347D2ED11
applogin.jll.com/ Name: t
Value: default
applogin.jll.com/ Name: DT
Value: DI0cmvGT4wrTGSzZLhrFAAgsQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0