urlscan.io logo urlscan.io
SecurityTrails logo

energy.orglinkedin.com Open in urlscan Pro
185.229.118.70  Public Scan

Go To Rescan Add Verdict Report
URL: https://energy.orglinkedin.com/
Submission Tags: @phishunt_io
Submission: On May 28 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.229.118.70, located in Manchester, United Kingdom and belongs to AS-HOSTINGER, CY. The main domain is energy.orglinkedin.com.
TLS certificate: Issued by R3 on May 27th 2022. Valid for: 3 months.
This is the only time energy.orglinkedin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 185.229.118.70 47583 (AS-HOSTINGER)
11 2
Apex Domain
Subdomains		 Transfer
11 orglinkedin.com
energy.orglinkedin.com
559 KB
11 1
Domain Requested by
11 energy.orglinkedin.com energy.orglinkedin.com
11 1

This site contains links to these domains. Also see Links.

Domain
wordpress.org
Subject Issuer Validity Valid
*.orglinkedin.com
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://energy.orglinkedin.com/
Frame ID: 8ECB42E6E534F271B93E9D8B1172FDA4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Energy ORG LINKEDIN - Latest information about Energy World, Oil, Gas, and Electricity

Page URL History Show full URLs

  1. https://energy.orglinkedin.com/ Page URL
  2. https://energy.orglinkedin.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

559 kB
Transfer

1040 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://energy.orglinkedin.com/ Page URL
  2. https://energy.orglinkedin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
energy.orglinkedin.com/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
27f6ecad279f38674f3725d683fa35b49cf60d27e68a37c4e96249da43c9a15c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 May 2022 00:19:31 GMT
etag
"743-1653697171;br"
link
<https://energy.orglinkedin.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
ecb_HTTP.200,ecb_home,ecb_URL.6666cd76f96956469e7be39d750cc7d9,ecb_F,ecb_guest,ecb_,ecb_UCSS.6cd9aec24022824d792872988fdc3426,ecb_MIN.b29d297692a4ff23799e9e3420dc26aa.css,ecb_MIN.ffdc06dbe2bb799bf0621ab2b6e21cec.js
x-powered-by
Niagahoster
x-xss-protection
1; mode=block;
b29d297692a4ff23799e9e3420dc26aa.css
energy.orglinkedin.com/wp-content/litespeed/css/ 		48 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/litespeed/css/b29d297692a4ff23799e9e3420dc26aa.css?ver=8427e
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
6566f255e9f814d6c9b5a8c2000bc5c384383c470faaf072355a6575a09c597a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 27 May 2022 20:53:55 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
6373
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:31 GMT
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98ca561a8482d8305123e5cebb82aefa3b8cf9c0512a81893bd2f0840707531a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
SourceSerif4Variable-Roman.ttf.woff2
energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/ 		336 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/wp-content/litespeed/css/b29d297692a4ff23799e9e3420dc26aa.css?ver=8427e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://energy.orglinkedin.com/wp-content/litespeed/css/b29d297692a4ff23799e9e3420dc26aa.css?ver=8427e
Origin
https://energy.orglinkedin.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 13:56:12 GMT
server
LiteSpeed
x-powered-by
Niagahoster
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
428448
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:32 GMT
guest.vary.php
energy.orglinkedin.com/wp-content/plugins/litespeed-cache/ 		16 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
x-litespeed-cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
20
x-xss-protection
1; mode=block;
Primary Request /
energy.orglinkedin.com/ 		64 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
fbe3060e24ca4a4ece49aef8c050eac2bd2ef5af8aa40f66304fac8b9e686639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://energy.orglinkedin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
13550
content-type
text/html; charset=UTF-8
date
Sat, 28 May 2022 00:19:32 GMT
etag
"744-1653697172;br"
link
<https://energy.orglinkedin.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-litespeed-cache
miss
x-powered-by
Niagahoster
x-xss-protection
1; mode=block;
f68899a2b3721d32963d898ad25e3764.css
energy.orglinkedin.com/wp-content/litespeed/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/litespeed/css/f68899a2b3721d32963d898ad25e3764.css?ver=71331
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
c20f34fc25e4dbf4f7fcaf7e66215931ff90d1e3068c7bd60b3f4fd7700a13ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 28 May 2022 00:19:32 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1758
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:33 GMT
1493a9efbad0a92f97a27865fc8c8137.css
energy.orglinkedin.com/wp-content/litespeed/css/ 		2 KB
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/litespeed/css/1493a9efbad0a92f97a27865fc8c8137.css?ver=d9196
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
8a876b4ebf77f514365cdb463c764f8edef0d7d494c2cf614b4a92b694fb646d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 28 May 2022 00:19:32 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
570
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:33 GMT
a7915a2c971ac308c7578541095b3c42.js
energy.orglinkedin.com/wp-content/litespeed/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/litespeed/js/a7915a2c971ac308c7578541095b3c42.js?ver=24c1b
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
ce0234634c9b995be0268376c71d1605239baa30e947eec8e805a43cd889434a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 28 May 2022 00:19:32 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2593
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:33 GMT
wp-emoji-release.min.js
energy.orglinkedin.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 04:26:24 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4582
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:33 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
SourceSerif4Variable-Roman.ttf.woff2
energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/ 		418 KB
419 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2
Requested by
Host: energy.orglinkedin.com
URL: https://energy.orglinkedin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://energy.orglinkedin.com/
Origin
https://energy.orglinkedin.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 13:56:12 GMT
server
LiteSpeed
x-powered-by
Niagahoster
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
428448
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:33 GMT
flight-path-on-transparent-d.png
energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/images/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://energy.orglinkedin.com/wp-content/themes/twentytwentytwo/assets/images/flight-path-on-transparent-d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.229.118.70 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv159.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
bff7c407f9b1507e3f6e97eb0f30bab49ffdf42374bd764001ae78208cb60e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://energy.orglinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:19:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Nov 2021 18:44:00 GMT
server
LiteSpeed
x-powered-by
Niagahoster
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
103639
x-xss-protection
1; mode=block;
expires
Sat, 04 Jun 2022 00:19:34 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| litespeed_docref object| _wpemojiSettings object| MicroModal function| LazyLoad object| twemoji object| wp

1 Cookies

Domain/Path Name / Value
energy.orglinkedin.com/ Name: _lscache_vary
Value: cc550985c5a3ec2da9858ea5b909d6b4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;