urlscan.io logo urlscan.io
SecurityTrails logo

gitea.angry.im Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://gitea.angry.im/PeterCxy/Shelter
Submission: On June 27 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gitea.angry.im.
TLS certificate: Issued by GTS CA 1P5 on May 6th 2023. Valid for: 3 months.
This is the only time gitea.angry.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2a01:4f8:221:... 24940 (HETZNER-AS)
9 3
Apex Domain
Subdomains		 Transfer
8 angry.im
gitea.angry.im
567 KB
1 typeblog.net
weblate.typeblog.net
18 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1988
2 KB
9 3
Domain Requested by
8 gitea.angry.im 1 redirects gitea.angry.im
1 weblate.typeblog.net gitea.angry.im
1 secure.gravatar.com gitea.angry.im
9 3
Subject Issuer Validity Valid
angry.im
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
typeblog.net
ZeroSSL ECC Domain Secure Site CA		 2023-05-29 -
2023-08-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gitea.angry.im/PeterCxy/Shelter
Frame ID: 9A70352BAF2FA36A46412E01D598E7C8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PeterCxy/Shelter: Isolate your Big Brother Apps, using Work Profiles - Shelter - Angry.Im Software Forge

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

9
Requests

89 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

587 kB
Transfer

2116 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://gitea.angry.im/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?size=72 HTTP 303
  • https://secure.gravatar.com/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?d=identicon&s=72

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Shelter
gitea.angry.im/PeterCxy/ 		64 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68447a67b39ea49663ddb4aa09b77a22cd6eb46b18748f4dd60c5466c3d8b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
7dda3df7cb521b93-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 02:25:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBkVOh0SkkHwYKYTOxCrn%2FnKscD7X7BxaaHfJTIKOOccM7sHi04zEzYWJosRMys2UO8dPncankJ2oXHfNhU0NPUFVU3PFNEAyCtjdlwQRmPa7TLI%2FjPkEb8S6VBnJR3p7uS8hz6huUNJgs0tvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
index.css
gitea.angry.im/assets/css/ 		865 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/assets/css/index.css?v=1.19.3~0
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0276544afdfa481ad1ca76159a297127dac6db39ee4c94752deef14bb67db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ODg2MDk1aW5kZXguY3NzV2VkLCAwMyBNYXkgMjAyMyAwODozMToxMSBHTVQ="
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzqMSD0eJshHi5EZBDxELFzVIDDzUDWela6QQCkZRfI84q55f8sHu8bH0UzYrhzm%2FPZ8SC%2FmLyYJb0N7dUIjTBYWEt1UeDPewnGSsfruwHGfDoJg%2F%2FS2icwRMh%2FBtDguBd97H8UfVCTOIURCpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
private, max-age=21600
cf-ray
7dda3dfadd411b93-FRA
webcomponents.js
gitea.angry.im/assets/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/assets/js/webcomponents.js?v=1.19.3~0
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b001fb0a9d26b474e7a40a514ba4996df739f699cee4fc863aae32382879a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"MTkwMzV3ZWJjb21wb25lbnRzLmpzV2VkLCAwMyBNYXkgMjAyMyAwODozMToxMSBHTVQ="
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz1g%2Bgbclfuea%2Bsq5z6S8VnbtPE6ElGpR0ukc9zRMXlsQhbG1jDeOHhvsLMaaVOCRt%2Fwd9dZE7XiEaTZIx%2FNu1u%2BIG5%2FDrtKbEcapBI9ojPXvAsyhGajGevwQz1J02gFoI6fmVBI5RQnESNfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=21600
cf-ray
7dda3dfadd451b93-FRA
theme-forgejo-auto.css
gitea.angry.im/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/assets/css/theme-forgejo-auto.css?v=1.19.3~0
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41be43b87e933ec5ff0c9b876322c4b43fecc49279cdc5e296c4dcc89fb12954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"MTkyNzd0aGVtZS1mb3JnZWpvLWF1dG8uY3NzV2VkLCAwMyBNYXkgMjAyMyAwODozMToxMSBHTVQ="
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD04th5LU6oDZc5XQKpsAcWnsmZMQ2GoF52m6n4oKfhVy2La1RhiXAFe7zGZwxRSK3q5CE14vJ1T%2Bgy2X01vMCF7YTIbszMAWWMEo8GTbc92B6iH0pPAVIKgpgHwx3c89mexv3aN8YC4kowhWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
private, max-age=21600
cf-ray
7dda3dfadd441b93-FRA
logo.svg
gitea.angry.im/assets/img/ 		503 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gitea.angry.im/assets/img/logo.svg
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997bea1b94c9b40a4f59d45b127119a51b364edb7d9d689045d4a97876739e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"NTAzbG9nby5zdmdXZWQsIDAzIE1heSAyMDIzIDA4OjMxOjExIEdNVA=="
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNwTnRot7V0en37uuMfGBeICM9kFl0A398Z%2F%2BQZuF8JUQYE%2BCOTsbM5yeiG9cWyrskMIZsDrq02Mc5bpiGRPCjvr9WsBHOCramk84YTq%2FnZpGGfzcxslMzh1Rtz2YgWi4LKBlOxr3YvByPLLVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
private, max-age=21600
cf-ray
7dda3dfb7daa1b93-FRA
985ea1c5ff603bcfd6d3cbc1ad3585c5
secure.gravatar.com/avatar/
Redirect Chain
  • https://gitea.angry.im/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?size=72
  • https://secure.gravatar.com/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?d=identicon&s=72
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?d=identicon&s=72
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
88852779a48385087d6df8125d1f712377270f63843d5d78e0638fef88ab8322

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Tue, 27 Jun 2023 02:25:54 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?d=identicon&s=72>; rel="canonical"
content-length
2094
expires
Tue, 27 Jun 2023 02:30:54 GMT

Redirect headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipAQbvWJOWN%2BbDmHgQ3CJ1zkajs4kBHBNX9a3N9MNV235N6DlZ58y%2F%2Bu08Tixec%2FX2X2wafZR%2FSsYbcyAbD9i8fDuuACqtdMby%2FskPKjo%2FHBc7rLx9%2FT36EZX9Dg4Qj2TT6aIKxF16Xe%2BfRSew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://secure.gravatar.com/avatar/985ea1c5ff603bcfd6d3cbc1ad3585c5?d=identicon&s=72
cache-control
private, max-age=300
cf-ray
7dda3dfbdddf1b93-FRA
multi-auto.svg
weblate.typeblog.net/widgets/shelter/-/shelter/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weblate.typeblog.net/widgets/shelter/-/shelter/multi-auto.svg
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:221:125e::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dea776f88267c8caed9ee0d3b9641f925984d5c09eecaedb70344630c2743709
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:55 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.18.0
cross-origin-opener-policy
same-origin
vary
Cookie
x-frame-options
DENY
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=3600
index.js
gitea.angry.im/assets/js/ 		1 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/assets/js/index.js?v=1.19.3~0
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/PeterCxy/Shelter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97d856621e6e4b82761e0dc0aac17d1f035202a48bc000fce7820a07d8aba81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"MTA3NjAwMWluZGV4LmpzV2VkLCAwMyBNYXkgMjAyMyAwODozMToxMSBHTVQ="
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeJ4DjCH2zxrHbeOt%2FN00GznImc77KE%2Bwzfb%2B3WRNucQMCyflFwTKsa%2FKxKqroIMKFMEX3AygAYOStzOPb8XSEuVvwuwK7ZxDDUDqfxv%2FnHF1NIO2czrngZoPzVrtzjaC1UEgdFL2QruWc82mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=21600
cf-ray
7dda3dfb3d831b93-FRA
icons.9451d5fe.woff2
gitea.angry.im/assets/fonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gitea.angry.im/assets/fonts/icons.9451d5fe.woff2
Requested by
Host: gitea.angry.im
URL: https://gitea.angry.im/assets/css/index.css?v=1.19.3~0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gitea.angry.im/assets/css/index.css?v=1.19.3~0
Origin
https://gitea.angry.im
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 02:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
BYPASS
last-modified
Wed, 03 May 2023 08:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"Nzk0NDRpY29ucy45NDUxZDVmZS53b2ZmMldlZCwgMDMgTWF5IDIwMjMgMDg6MzE6MTEgR01U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8wpfmhAzaVC1Z6s5RxlXbcMofzmP6H8jwXp8trRXvOXX4iP5Kp7mjZY9GCKKpXVhjIO7MQy5s%2BiJ41vyq5LXFGap5LkjHNvCuXfSiIHNf67sYMgFY9M%2BTE9W4iJtV%2BlfmOPufRe8idCX84JKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
private, max-age=21600
cf-ray
7dda3dfc0e001b93-FRA

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| config function| __CE_installPolyfill function| updateCloneStates function| Xc object| webpackChunkgitea function| jQuery function| $ object| _globalHandlerErrors object| gsapVersions boolean| aysUnloadSet boolean| __VUE_OPTIONS_API__ boolean| __VUE_PROD_DEVTOOLS__ boolean| __VUE__

2 Cookies

Domain/Path Name / Value
gitea.angry.im/ Name: i_like_gitea
Value: d05bcf2c0aaeee84
gitea.angry.im/ Name: _csrf
Value: I_n6e4SWmg9Yn_n4My9PEpxQI1U6MTY4NzgzMjc1MzkxODUxMDY4OQ

2 Console Messages

Source Level URL
Text
security warning URL: https://gitea.angry.im/PeterCxy/Shelter
Message:
Mixed Content: The page at 'https://gitea.angry.im/PeterCxy/Shelter' was loaded over HTTPS, but requested an insecure element 'http://weblate.typeblog.net/widgets/shelter/-/shelter/multi-auto.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gitea.angry.im/PeterCxy/Shelter(Line 1299)
Message:
Mixed Content: The page at 'https://gitea.angry.im/PeterCxy/Shelter' was loaded over HTTPS, but requested an insecure element 'http://weblate.typeblog.net/widgets/shelter/-/shelter/multi-auto.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN