urlscan.io logo urlscan.io
SecurityTrails logo

secure-message-service.com Open in urlscan Pro
37.202.0.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-message-service.com/
Effective URL: https://secure-message-service.com/user/auth/login
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 37.202.0.83, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is secure-message-service.com.
TLS certificate: Issued by R10 on August 23rd 2024. Valid for: 3 months.
This is the only time secure-message-service.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 37.202.0.83 15817 (MITTWALD-...)
15 1
Apex Domain
Subdomains		 Transfer
16 secure-message-service.com
secure-message-service.com
3 MB
15 1
Domain Requested by
16 secure-message-service.com 1 redirects secure-message-service.com
15 1

This site contains links to these domains. Also see Links.

Domain
humhub.org
Subject Issuer Validity Valid
secure-message-service.com
R10		 2024-08-23 -
2024-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure-message-service.com/user/auth/login
Frame ID: 5AFA697C95A4B2520E803AFA1AABAE25
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Secure Message Service

Page URL History Show full URLs

  1. https://secure-message-service.com/ HTTP 302
    https://secure-message-service.com/user/auth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

3094 kB
Transfer

3106 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-message-service.com/ HTTP 302
    https://secure-message-service.com/user/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
secure-message-service.com/user/auth/
Redirect Chain
  • https://secure-message-service.com/
  • https://secure-message-service.com/user/auth/login
21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
279035567925f856383af9be5772a8d6243e24dd90e834c592de930f7beb25d5
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
6414
content-security-policy
default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 23:04:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-security-policy
default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 23:04:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://secure-message-service.com/user/auth/login
pragma
no-cache
server
Apache
theme.css
secure-message-service.com/themes/HumHub/css/ 		99 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/themes/HumHub/css/theme.css?v=1634291247
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
a82ca0f16874ac2f02a5f6812cf4469d8671b8cb055017e99d0708db51516d4f

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"18b37-5ce61153ca9c0"
content-length
101175
content-type
text/css
theme.css
secure-message-service.com/themes/Unternehmen/css/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/themes/Unternehmen/css/theme.css?v=1634541431
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
aec1bb763519e7cabb784884d7e8602ce26da57d9d4b48eee8807611a1985b2e

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Mon, 18 Oct 2021 07:17:11 GMT
server
Apache
accept-ranges
bytes
etag
"1b8a5-5ce9b555d8bc0"
content-length
112805
content-type
text/css
humhub-app.js
secure-message-service.com/static/js/ 		546 KB
547 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/js/humhub-app.js?v=1634291247
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
3ca3fb5981b6ccd64174a797504afab5e321adf963d30774e0e53640880fcb80

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"8895b-5ce61153ca9c0"
content-length
559451
content-type
application/javascript
humhub-app.css
secure-message-service.com/static/css/ 		280 KB
280 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
2a6b77df7b719fca5eb19805159112fd3114a4209741468412c90c32e902acea

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"46035-5ce61153ca9c0"
content-length
286773
content-type
text/css
humhub-bundle.js
secure-message-service.com/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/js/humhub-bundle.js?v=1634291247
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
71814b40856a50b47ed8cf0c2a82e2ffc2ef3c2aee5b60b6f0bf49fb2d645ce9

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"13c045-5ce61153ca9c0"
content-length
1294405
content-type
application/javascript
jquery.loader.js
secure-message-service.com/static/js/humhub/legacy/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/js/humhub/legacy/jquery.loader.js?v=1634291247
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
819f7e5d794bdb149814414dae18713ed72fc40bd6d59cacf8f19acd598870a3

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"72e-5ce61153ca9c0"
content-length
1838
content-type
application/javascript
jquery.timeago.it.js
secure-message-service.com/assets/ac2b9cb1/locales/ 		720 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/assets/ac2b9cb1/locales/jquery.timeago.it.js?v=1636540045
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
f705983598e24f08ac8f671a093e304cf4707f51144b9cd634381397f65c3cd3

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Wed, 10 Nov 2021 10:27:25 GMT
server
Apache
etag
"2d0-5d06cac16047f"
content-language
it
content-type
application/javascript
accept-ranges
bytes
content-length
720
login-bg.jpg
secure-message-service.com/themes/Unternehmen/img/ 		648 KB
649 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-message-service.com/themes/Unternehmen/img/login-bg.jpg
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/user/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
39d08c886c026375174f250ff45495451bfba8d9beff987bee974c9d8295bf3e

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Wed, 10 Nov 2021 17:41:13 GMT
server
Apache
accept-ranges
bytes
etag
"a2056-5d072bb782e1f"
content-length
663638
content-type
image/jpeg
open-sans-v17-latin-regular.woff2
secure-message-service.com/static/fonts/open-sans/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/fonts/open-sans/open-sans-v17-latin-regular.woff2
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Origin
https://secure-message-service.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:28 GMT
server
Apache
accept-ranges
bytes
etag
"382c-5ce61154bec00"
content-length
14380
content-type
font/woff2
open-sans-v17-latin-700.woff2
secure-message-service.com/static/fonts/open-sans/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/fonts/open-sans/open-sans-v17-latin-700.woff2
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Origin
https://secure-message-service.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:28 GMT
server
Apache
accept-ranges
bytes
etag
"3ad0-5ce61154bec00"
content-length
15056
content-type
font/woff2
open-sans-v17-latin-300.woff2
secure-message-service.com/static/fonts/open-sans/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/fonts/open-sans/open-sans-v17-latin-300.woff2
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Request headers

Referer
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Origin
https://secure-message-service.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:28 GMT
server
Apache
accept-ranges
bytes
etag
"3a54-5ce61154bec00"
content-length
14932
content-type
font/woff2
open-sans-v17-latin-600.woff2
secure-message-service.com/static/fonts/open-sans/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/fonts/open-sans/open-sans-v17-latin-600.woff2
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Request headers

Referer
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Origin
https://secure-message-service.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:06 GMT
last-modified
Fri, 15 Oct 2021 09:47:28 GMT
server
Apache
accept-ranges
bytes
etag
"3a20-5ce61154bec00"
content-length
14880
content-type
font/woff2
32x32.png
secure-message-service.com/assets/siteicons/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/assets/siteicons/32x32.png?v=1636540045
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
fafa74e419a949f17cff7387056d2114a6ba3d341be88c3b8b52f3b5c7049679

Request headers

Referer
https://secure-message-service.com/user/auth/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:07 GMT
last-modified
Wed, 10 Nov 2021 10:27:25 GMT
server
Apache
accept-ranges
bytes
etag
"5bc-5d06cac187582"
content-length
1468
content-type
image/png
fontawesome-webfont.woff2
secure-message-service.com/static/assets/d0b5e22f/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-message-service.com/static/assets/d0b5e22f/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: secure-message-service.com
URL: https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.202.0.83 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://secure-message-service.com/static/css/humhub-app.css?v=1634291247
Origin
https://secure-message-service.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:04:07 GMT
last-modified
Fri, 15 Oct 2021 09:47:27 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-5ce61153ca9c0"
content-length
77160
content-type
font/woff2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| humhub function| setModalLoader function| $ function| jQuery object| yii function| P object| notify object| NProgress object| NiceScroll object| blueimp object| clipboard function| EvEmitter function| imagesLoaded object| hljs object| prosemirror function| HumHubMentionProvider

2 Cookies

Domain/Path Name / Value
secure-message-service.com/ Name: PHPSESSID
Value: mv5oa469af846f3q37rs7ahkjn
secure-message-service.com/ Name: _csrf
Value: ae788c7ce563f9973c9515b178226c2e84a08ac8c3ef8512eb7a4899cb6ad2d2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Ie6cjDoUIvdMXMeYtXTmBJ4SjR_KLZ62%22%3B%7D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://secure-message-service.com/user/auth/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src *; connect-src *; font-src 'self'; frame-src https://* http://* *; img-src https://* http://* * data:; object-src 'self'; script-src 'self' https://* http://* * 'unsafe-inline' 'report-sample'; style-src * https://* http://* * 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block