Submitted URL: http://promo.vediflex.com/0xin5/w/1455739/
Effective URL: http://promo.vediflex.com/0xin5/w/1455739/
Submission: On March 09 via manual from ZA

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 80.74.141.5, located in Switzerland and belonging to AS21069 (ASN-METANET Routing/peering issues: noc@metanet.ch, CH). The main domain is promo.vediflex.com.
This is the only time promo.vediflex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
3         80.74.141.5       21069 (ASN-METAN...)
2         2606:4700:303...  13335 (CLOUDFLAR...)
1         143.204.208.182   16509 (AMAZON-02)
2         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)  (1 redirect)
1         2a00:1450:400...  15169 (GOOGLE)  (1 redirect)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 9 requests, 5 IPs

Requests  Domain                          Requested by
2         www.google-analytics.com        promo.vediflex.com
2         basebonecdn.com                 promo.vediflex.com
2         promo.vediflex.com              promo.vediflex.com
1         www.google.de                   promo.vediflex.com
1         www.google.com                  1 redirects
1         stats.g.doubleclick.net         1 redirects
1         api.basebone.com                promo.vediflex.com
1         d2gkcwmza574jt.cloudfront.net   promo.vediflex.com
Total: 9 requests, 8 domains

This site contains no links.

Subject                  Issuer                  Validity                  Valid     Source
*.cloudfront.net         DigiCert Global CA G2   2019-07-17 - 2020-07-05   a year    crt.sh
*.google-analytics.com   GTS CA 1O1              2020-02-12 - 2020-05-06   3 months  crt.sh
www.google.de            GTS CA 1O1              2020-02-12 - 2020-05-06   3 months  crt.sh

This page contains 1 frame:

Primary Page: http://promo.vediflex.com/0xin5/w/1455739/
Frame ID: A8095AC0FEE2D6E8A364C42E52D5D72C
Requests: 9 HTTP requests in this frame


Page Statistics

Requests: 9
HTTPS: 44 %
IPv6: 71 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 4
Transfer: 35 kB
Size: 73 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&gjid=178573129&_gid=367844355.1583754830&_u=6GBAgEAB~&z=1695164064 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064&slf_rd=1&random=1783226729

9 HTTP transactions

Columns: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type

1. / (Primary Request, Cookie set)
   Path: promo.vediflex.com/0xin5/w/1455739/
   Size: 21 KB, transfer: 6 KB, Type: Document

   General
   Full URL: http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Server: 80.74.141.5, Switzerland, ASN21069 (ASN-METANET Routing/peering issues: noc@metanet.ch, CH)
   Reverse DNS: mail2.busuu.com
   Software: Apache
   Resource Hash: bb08ba322964f16a40b6137d99e9592daecc7f3e0dd800677746df10ad1a79ff
   Security Headers:
     Content-Security-Policy: frame-ancestors 'none'
     X-Content-Type-Options: nosniff
     X-Frame-Options: DENY
     X-Xss-Protection: 1; mode=block

   Request headers
   Host: promo.vediflex.com
   Connection: keep-alive
   Pragma: no-cache
   Cache-Control: no-cache
   Upgrade-Insecure-Requests: 1
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
   Accept-Encoding: gzip, deflate
   Accept-Language: en-US

   Response headers
   Date: Mon, 09 Mar 2020 11:53:49 GMT
   Server: Apache
   Set-Cookie: router_id=b10somf5hrc048; expires=Mon, 16-Mar-2020 11:53:49 GMT; Max-Age=604800; path=/
   Set-Cookie: SES=2427885531; expires=Tue, 10-Mar-2020 11:53:49 GMT; Max-Age=86400; path=/0xin5/w/1455739/
   Set-Cookie: LPSID=CB1; path=/
   Expires: Sat, 26 Jul 1997 05:00:00 GMT
   Cache-Control: no-cache, must-revalidate
   X-Frame-Options: DENY
   Content-Security-Policy: frame-ancestors 'none'
   X-XSS-Protection: 1; mode=block
   X-Content-Type-Options: nosniff
   X-Permitted-Cross-Domain-Policies: none
   Vary: Accept-Encoding
   Content-Encoding: gzip
   Content-Length: 5650
   Content-Type: text/html; charset=utf-8
2. mastery.baseplay.co_logo_black_hor.png
   Path: basebonecdn.com/media/images/logos/
   Size: 3 KB, transfer: 4 KB, Type: Image

   General
   Full URL: http://basebonecdn.com/media/images/logos/mastery.baseplay.co_logo_black_hor.png
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Server: 2606:4700:3035::681f:5176, United States, ASN13335 (CLOUDFLARENET, US)
   Reverse DNS: -
   Software: cloudflare
   Resource Hash: cc6c01acd6288a31b3262776b5f90347cab73447497dc3042583d1c9561a4b65

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

   Response headers
   Date: Mon, 09 Mar 2020 11:53:50 GMT
   Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
   CF-Cache-Status: HIT
   Age: 773
   X-Cache: Miss from cloudfront
   Connection: keep-alive
   Content-Length: 3363
   Last-Modified: Mon, 17 Sep 2018 14:39:00 GMT
   Server: cloudflare
   ETag: "4f0ac634124d0e51a8ace0091b0c2262"
   Vary: Accept-Encoding
   Content-Type: image/png
   Cache-Control: max-age=86400
   x-amz-version-id: J5E2hKa1hkAVpy9ta.ExX6wBKFb0u4V.
   X-Amz-Cf-Pop: FRA53-C1
   Accept-Ranges: bytes
   CF-RAY: 5714990779a11786-FRA
   X-Amz-Cf-Id: 53ilR4WlRwJljzJq7ePOJhvcOdH4OhwDuKAU_xQbvT5Tr861Gi6aZw==
3. infographics_lp_za_2f.png
   Path: basebonecdn.com/media/images/infographics/
   Size: 4 KB, transfer: 5 KB, Type: Image

   General
   Full URL: http://basebonecdn.com/media/images/infographics/infographics_lp_za_2f.png
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Server: 2606:4700:3035::681f:5176, United States, ASN13335 (CLOUDFLARENET, US)
   Reverse DNS: -
   Software: cloudflare
   Resource Hash: 60cf1c09454cd8a3032e0d97a25eb6db7c5c906c4c589f91ab79f0e416a724df

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

   Response headers
   Date: Mon, 09 Mar 2020 11:53:50 GMT
   Via: 1.1 c0af4e61c683afddf3ccb681bbcb7f2a.cloudfront.net (CloudFront)
   CF-Cache-Status: HIT
   Age: 2605
   X-Cache: Hit from cloudfront
   Connection: keep-alive
   Content-Length: 4600
   Last-Modified: Thu, 31 Oct 2019 07:47:30 GMT
   Server: cloudflare
   ETag: "e6e23e6758fc6ce88df507c38c36c0f3"
   Vary: Accept-Encoding
   Content-Type: image/png
   Cache-Control: max-age=86400
   x-amz-version-id: Gc79qY918oj3NF6trm3w6_PLLt_qz01V
   X-Amz-Cf-Pop: FJR50-C1
   Accept-Ranges: bytes
   CF-RAY: 571499077afbc2a9-FRA
   X-Amz-Cf-Id: -aYyiK54zlD0lIWe2HirH7vMunPrlvCR1whTA1TgKXuTNpdfkYPH6A==
4. baseblock_logo.gif
   Path: d2gkcwmza574jt.cloudfront.net/media/images/general/
   Size: 731 B, transfer: 1 KB, Type: Image

   General
   Full URL: https://d2gkcwmza574jt.cloudfront.net/media/images/general/baseblock_logo.gif
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 143.204.208.182, Seattle, United States, ASN16509 (AMAZON-02, US)
   Reverse DNS: server-143-204-208-182.fra53.r.cloudfront.net
   Software: AmazonS3
   Resource Hash: 1ea1b2d365d4cb8c31da6e34e7879078c8b24eb572d5a8990cf8180d530cb44e

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Sec-Fetch-Dest: image

   Response headers
   x-amz-version-id: rStPgnSTVjf0J05QjaSSAZHupL230.uE
   Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
   Last-Modified: Wed, 02 May 2018 12:55:22 GMT
   Server: AmazonS3
   Age: 33442
   ETag: "a4b52286aedcf3ad23503c6a6290f262"
   X-Cache: Hit from cloudfront
   Content-Type: image/gif
   Date: Mon, 09 Mar 2020 02:36:30 GMT
   X-Amz-Cf-Pop: FRA53-C1
   Connection: keep-alive
   Accept-Ranges: bytes
   Content-Length: 731
   X-Amz-Cf-Id: GtVn-WJBZzashdCRZO7kytK0-B8YU8__jc-7J3okg9UZefzxi3WkLw==
5. analytics.js
   Path: www.google-analytics.com/
   Size: 44 KB, transfer: 18 KB, Type: Script

   General
   Full URL: https://www.google-analytics.com/analytics.js
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM
   Server: 2a00:1450:4001:821::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
   Reverse DNS: -
   Software: Golfe2
   Resource Hash: eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
   Security Headers:
     Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
     X-Content-Type-Options: nosniff

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Sec-Fetch-Dest: script

   Response headers
   strict-transport-security: max-age=10886400; includeSubDomains; preload
   content-encoding: gzip
   x-content-type-options: nosniff
   last-modified: Thu, 06 Feb 2020 00:21:02 GMT
   server: Golfe2
   age: 99
   date: Mon, 09 Mar 2020 11:52:10 GMT
   vary: Accept-Encoding
   content-type: text/javascript
   status: 200
   cache-control: public, max-age=7200
   alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
   content-length: 18174
   expires: Mon, 09 Mar 2020 13:52:10 GMT
6. analytics.php
   Path: api.basebone.com/frontend/google/
   Size: 0, transfer: 238 B, Type: XHR

   General
   Full URL: http://api.basebone.com/frontend/google/analytics.php
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Server: 80.74.141.5, Switzerland, ASN21069 (ASN-METANET Routing/peering issues: noc@metanet.ch, CH)
   Reverse DNS: mail2.busuu.com
   Software: Apache
   Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   Origin: http://promo.vediflex.com
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Content-Type: application/x-www-form-urlencoded

   Response headers
   Access-Control-Allow-Origin: *
   Date: Mon, 09 Mar 2020 11:53:51 GMT
   Server: Apache
   Access-Control-Allow-Headers: Content-Type
   Content-Length: 0
   Content-Type: text/html; charset=UTF-8
7. collect
   Path: www.google-analytics.com/
   Size: 35 B, transfer: 99 B, Type: Image

   General
   Full URL: https://www.google-analytics.com/collect?v=1&_v=j81&a=298656790&t=pageview&_s=1&dl=http%3A%2F%2Fpromo.vediflex.com%2F0xin5%2Fw%2F1455739%2F&ul=en-us&de=UTF-8&dt=Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgEAB~&jid=1072199798&gjid=178573129&cid=252760321.1583754830&tid=UA-137419518-1&_gid=367844355.1583754830&cd2=252760321.1583754830&cd3=2427885531&cd4=2020-03-09T12%3A53%3A49%2B01%3A00&z=2111218994
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM
   Server: 2a00:1450:4001:821::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
   Reverse DNS: -
   Software: Golfe2
   Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
   Security Headers:
     X-Content-Type-Options: nosniff

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Sec-Fetch-Dest: image

   Response headers
   pragma: no-cache
   date: Sat, 18 Jan 2020 01:57:37 GMT
   x-content-type-options: nosniff
   last-modified: Sun, 17 May 1998 03:00:00 GMT
   server: Golfe2
   age: 4442172
   content-type: image/gif
   status: 200
   alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
   cache-control: no-cache, no-store, must-revalidate
   access-control-allow-origin: *
   content-length: 35
   expires: Mon, 01 Jan 1990 00:00:00 GMT
8. ga-audiences
   Path: www.google.de/ads/
   Redirect Chain:
     • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&gjid=178573129&_gid=367844355.1583754830&_u=6GBAgEAB~&z=1695164064
     • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064
     • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064&slf_rd=1&random=1783226729
   Size: 42 B, transfer: 109 B, Type: Image

   General
   Full URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064&slf_rd=1&random=1783226729
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM
   Server: 2a00:1450:4001:819::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
   Reverse DNS: -
   Software: cafe
   Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
   Security Headers:
     X-Content-Type-Options: nosniff
     X-Xss-Protection: 0

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

   Response headers
   pragma: no-cache
   date: Mon, 09 Mar 2020 11:53:50 GMT
   x-content-type-options: nosniff
   content-type: image/gif
   server: cafe
   p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
   status: 200
   cache-control: no-cache, no-store, must-revalidate
   timing-allow-origin: *
   alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
   content-length: 42
   x-xss-protection: 0
   expires: Fri, 01 Jan 1990 00:00:00 GMT

   Redirect headers
   pragma: no-cache
   date: Mon, 09 Mar 2020 11:53:50 GMT
   x-content-type-options: nosniff
   server: cafe
   timing-allow-origin: *
   location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137419518-1&cid=252760321.1583754830&jid=1072199798&_v=j81&z=1695164064&slf_rd=1&random=1783226729
   p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
   status: 302
   cache-control: no-cache, no-store, must-revalidate
   content-type: text/html; charset=UTF-8
   alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
   content-length: 0
   x-xss-protection: 0
   expires: Fri, 01 Jan 1990 00:00:00 GMT
9. /
   Path: promo.vediflex.com/0xin5/w/1455739/timing/
   Size: 0, transfer: 232 B, Type: XHR

   General
   Full URL: http://promo.vediflex.com/0xin5/w/1455739/timing/?SES=2427885531
   Requested by: Host promo.vediflex.com, URL http://promo.vediflex.com/0xin5/w/1455739/
   Protocol: HTTP/1.1
   Server: 80.74.141.5, Switzerland, ASN21069 (ASN-METANET Routing/peering issues: noc@metanet.ch, CH)
   Reverse DNS: mail2.busuu.com
   Software: Apache
   Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

   Request headers
   Referer: http://promo.vediflex.com/0xin5/w/1455739/
   Origin: http://promo.vediflex.com
   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
   Content-Type: application/x-www-form-urlencoded

   Response headers
   Date: Mon, 09 Mar 2020 11:53:51 GMT
   Server: Apache
   Content-Length: 0
   Content-Type: text/html; charset=UTF-8

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

onformdata (object), onpointerrawupdate (object), analyticsAjaxRequest (function), GoogleAnalyticsObject (string), ga (function), getTimingData (function), ajaxRequest (function), msisdn (object), myButton (object), myForm (object), checkRegistration (function), borderFunction (function), show_terms (function), hide_terms (function), smadexTagCall (function), form (object), requestSent (boolean), input (object), price (object), disableEvent (function), checkMsisdn (function), changePrice (function), requestPrice (function), google_tag_data (object), gaplugins (object), gaGlobal (object), gaData (object)

6 Cookies

Domain/Path                              Name                 Value
.vediflex.com/                           _gid                 GA1.2.367844355.1583754830
.vediflex.com/                           _gat_trackerGlobal   1
.vediflex.com/                           _ga                  GA1.2.252760321.1583754830
promo.vediflex.com/                      LPSID                CB1
promo.vediflex.com/                      router_id            b10somf5hrc048
promo.vediflex.com/0xin5/w/1455739/      SES                  2427885531

1 Console Messages

Source       Level   URL                                                    Text
console-api  log     http://promo.vediflex.com/0xin5/w/1455739/ (line 97)   [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block