urlscan.io logo urlscan.io
SecurityTrails logo

app.bonumcoaching.com Open in urlscan Pro
76.76.21.22  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
Submission: On August 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is app.bonumcoaching.com.
TLS certificate: Issued by R3 on June 13th 2023. Valid for: 3 months.
This is the only time app.bonumcoaching.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 76.76.21.22 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.222.104.127 14618 (AMAZON-AES)
10 4
Apex Domain
Subdomains		 Transfer
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3840
onesignal.com — Cisco Umbrella Rank: 1426
img.onesignal.com — Cisco Umbrella Rank: 7498
93 KB
4 bonumcoaching.com
app.bonumcoaching.com
api.bonumcoaching.com
1 MB
10 2
Domain Requested by
3 onesignal.com cdn.onesignal.com
3 app.bonumcoaching.com app.bonumcoaching.com
2 cdn.onesignal.com app.bonumcoaching.com
cdn.onesignal.com
1 img.onesignal.com
1 api.bonumcoaching.com app.bonumcoaching.com
10 5

This site contains no links.

Subject Issuer Validity Valid
app.bonumcoaching.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
api.bonumcoaching.com
Amazon RSA 2048 M02		 2022-12-03 -
2024-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
Frame ID: 6CA26B1504D82E8AF8B9F53C2AD82F00
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bonum Coaching

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

5
Subdomains

4
IPs

1
Countries

1330 kB
Transfer

5173 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 64dbc8762745f6e8093934fb
app.bonumcoaching.com/evaluation360/ 		868 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
313d3da079b68bf6d89005263f7b45a2bff0d36fc158ac9d4e38c29af309db98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34360
cache-control
s-maxage=0
content-disposition
inline; filename="index.html"
content-length
868
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 19:02:31 GMT
etag
"caba5aa55335902bb5c8f01aa2cc0a4d"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::wh2h4-1692126151177-a255ff101716
main.b1b2655b.js
app.bonumcoaching.com/static/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.bonumcoaching.com/static/js/main.b1b2655b.js
Requested by
Host: app.bonumcoaching.com
URL: https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d191b7cc26ea0c108d3a1db90cdc6fd0dce5dc72b41f382c7932be00397407ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:31 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wh2h4-1692126151195-923ad08f943e
age
34359
etag
W/"681ff36a8852e851d9ad7a2bebcf1ef1"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.b1b2655b.js"
main.c126f6dd.css
app.bonumcoaching.com/static/css/ 		760 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.bonumcoaching.com/static/css/main.c126f6dd.css
Requested by
Host: app.bonumcoaching.com
URL: https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
22bbb8eac47e1193f40cdcd394583915aa2a9d244b40db3a5b880e341d5882f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/evaluation360/64dbc8762745f6e8093934fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:31 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::vt67b-1692126151195-5bba8ce176cc
age
34359
etag
W/"6d0925e6c957b9bc2525235c303bc0b5"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.c126f6dd.css"
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: app.bonumcoaching.com
URL: https://app.bonumcoaching.com/static/js/main.b1b2655b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
946
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f73b1419cb86934-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 19:02:31 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dcd9301f16cb50ecd88dae749b136703ab8d1c251158e881ed02a8cff20bce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
355ac5a2bd4df3b67a8650724e14ce3e7d1005e8d73695e9e768bcd64719b049

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
64dbc8762745f6e8093934fb
api.bonumcoaching.com/evaluations/api/evaluation360/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bonumcoaching.com/evaluations/api/evaluation360/64dbc8762745f6e8093934fb
Requested by
Host: app.bonumcoaching.com
URL: https://app.bonumcoaching.com/static/js/main.b1b2655b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.104.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-104-127.compute-1.amazonaws.com
Software
/
Resource Hash
705165aa919a5e21daf851dbc2fda383367072767bbe8bda15f113d0b814d177
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.bonumcoaching.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:32 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"5c91-DnGy6WN/CF5TYCyJ0cB4KRwzzc8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-download-options
noopen
access-control-allow-credentials
true
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
946
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f73b141ccf56934-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 19:02:31 GMT
web
onesignal.com/api/v1/sync/4793513b-dcbf-4e2e-b473-d7c74025bc50/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/4793513b-dcbf-4e2e-b473-d7c74025bc50/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437deab6ceb48f12c351973ef2dc435f81aab7387b7909013d71ca670a676614
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f99a6715-38ae-457b-8384-99551ba1b2b7
x-runtime
0.056493
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"437deab6ceb48f12c351973ef2dc435f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7f73b1422d726934-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 15 Aug 2023 20:02:32 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
950
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7f73b155cc598fec-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 19:02:35 GMT
icon
onesignal.com/api/v1/apps/4793513b-dcbf-4e2e-b473-d7c74025bc50/ 		184 B
761 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/4793513b-dcbf-4e2e-b473-d7c74025bc50/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5283feb3c31c3a336ad0cb3ec6d27385cebff456e450486021fad3080372340f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:02:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b9473dc5-1206-432b-a395-85c6ca61d93b
x-runtime
0.023723
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5283feb3c31c3a336ad0cb3ec6d27385"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7f73b15629901961-FRA
access-control-allow-headers
SDK-Version
bcbc876b-84e2-4381-9919-85b296bf8c8a
img.onesignal.com/permanent/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/bcbc876b-84e2-4381-9919-85b296bf8c8a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df716e1fd9fa9cc1e50bd3cc6504b2bdfb4f5d6c661f270f862f4aeb31e7be2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bonumcoaching.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Tue, 15 Aug 2023 19:02:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvI2KmGA8I0C3xs2aGuOr5a-0gVwbCI-9LClqu_YhisPfhDyZsFPK9eKmUsTnv5WLmLsaN_sgUO54dTymWoGwRpYQ
x-goog-meta-x-goog-source-etag
"3d4b5377359bfb0061d461a46eeb83ee"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
9315
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:54:32 GMT
server
cloudflare
etag
"-CI+Nzt6OlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676346872006287
content-type
application/octet-stream
x-goog-hash
crc32c=7mssWg==, md5=PUtTdzWb+wBh1GGkbuuD7g==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
9315
accept-ranges
bytes
cf-ray
7f73b156ba746934-FRA
expires
Fri, 15 Sep 2023 19:02:35 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ function| setImmediate function| clearImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

1 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: .j2VCOOhIMxpXv.F_ydXJQK6L1ayUS0g_eJHF2GlSW0-1692126151-0-AVZ4cpfnyix82WS/9Ii7HPS1mkeikb5PjqqnXksdtyRbbzfNR7MwPzTVB5qo7JzaXw5E0/eEJB5EO/U1tgeXAFU=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000