URL: https://lm.gaia.esosphera.com/v/rdrGH0d6d8
Submission: On November 07 via manual from CO — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 11 HTTP transactions. The main IP is 15.160.41.227, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is lm.gaia.esosphera.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 1st 2024. Valid for: a year.
This is the only time lm.gaia.esosphera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address      AS Autonomous System
2         -          15.160.41.227   16509 (AMAZON-02)
1         1          18.157.62.228   16509 (AMAZON-02)
3         -          52.58.170.207   16509 (AMAZON-02)
5         -          18.66.122.126   16509 (AMAZON-02)
Total: 11 requests, 4 IPs
Apex Domain: vivocha.com (Requests: 9, Transfer: 241 KB)
Subdomains:
  • www.vivocha.com — Cisco Umbrella Rank: 185133
  • i3.vivocha.com
  • cdn.vivocha.com — Cisco Umbrella Rank: 278340
Apex Domain: esosphera.com (Requests: 2, Transfer: 2 KB)
Subdomains:
  • lm.gaia.esosphera.com
Total: 11 requests, 2 apex domains
Requests  Domain                  Requested by
5         cdn.vivocha.com         www.vivocha.com, client
3         i3.vivocha.com          lm.gaia.esosphera.com, www.vivocha.com
2         lm.gaia.esosphera.com   -
1         www.vivocha.com         - (1 redirects)
Total: 11 requests, 4 domains

This site contains no links.

Subject: *.gaia.esosphera.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2024-03-01 - 2025-04-01
Valid: a year

Subject: cdn.vivocha.com
Issuer: Amazon RSA 2048 M03
Validity: 2024-08-30 - 2025-09-27
Valid: a year

Subject: i3.vivocha.com
Issuer: R10
Validity: 2024-09-13 - 2024-12-12
Valid: 3 months

This page contains 1 frames:

Primary Page: https://lm.gaia.esosphera.com/v/rdrGH0d6d8
Frame ID: 785450A5CAF708B50A2045DDB3F3C44B
Requests: 11 HTTP requests in this frame

Page Title

v

Page Statistics

Requests: 11
HTTPS: 82 %
IPv6: 0 %
Domains: 2
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 242 kB
Size: 806 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.vivocha.com/a/lastminute/api/vivocha.js HTTP 307
  • https://i3.vivocha.com/a/lastminute/api/vivocha.js

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request rdrGH0d6d8
lm.gaia.esosphera.com/v/
3 KB
2 KB
Document
General
Full URL
https://lm.gaia.esosphera.com/v/rdrGH0d6d8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
15.160.41.227 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-160-41-227.eu-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6308982bf8fc2839e771007adb83f1b846ff027aa927e8ac7eff042ef7945831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Alternate-Protocol
443:npn-spdy/3
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Nov 2024 11:33:39 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
vivocha.js
i3.vivocha.com/a/lastminute/api/
Redirect Chain
  • https://www.vivocha.com/a/lastminute/api/vivocha.js
  • https://i3.vivocha.com/a/lastminute/api/vivocha.js
595 KB
198 KB
Script
General
Full URL
https://i3.vivocha.com/a/lastminute/api/vivocha.js
Requested by
Host: lm.gaia.esosphera.com
URL: https://lm.gaia.esosphera.com/v/rdrGH0d6d8
Protocol
H2
Server
52.58.170.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
48653433dea2c800f412d824405880bd85f6e78634597753ef9402984a5177cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 07 Nov 2024 11:33:42 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding

Redirect headers

x-vvc-kpn
zjztb
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
max-age=3600
location
https://i3.vivocha.com/a/lastminute/api/vivocha.js
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 12:33:41 GMT
content-length
85
date
Thu, 07 Nov 2024 11:33:41 GMT
x-xss-protection
1; mode=block
content-type
text/plain; charset=utf-8
vary
Accept
dataframe.js
cdn.vivocha.com/w/i3/8.4.0-gaia.14/js/
9 KB
4 KB
Script
General
Full URL
https://cdn.vivocha.com/w/i3/8.4.0-gaia.14/js/dataframe.js
Requested by
Host: www.vivocha.com
URL: https://www.vivocha.com/a/lastminute/api/vivocha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-126.fra60.r.cloudfront.net
Software
/
Resource Hash
fa148d2ead0a691e03a9f27102f6174948f8c84fd4acec55190d096cb7655435
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
age
8765
x-content-type-options
nosniff
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
EWE08CT_8MeCzZTgkZ_2S7w0JZARYmm1wX4mOKv7z1bD3I022id6BQ==
date
Thu, 07 Nov 2024 09:07:38 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P2
web-campaigns
i3.vivocha.com/a/lastminute/api/v3/public/
158 KB
24 KB
Fetch
General
Full URL
https://i3.vivocha.com/a/lastminute/api/v3/public/web-campaigns
Requested by
Host: www.vivocha.com
URL: https://www.vivocha.com/a/lastminute/api/vivocha.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.58.170.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2b0666864b12ede89f34d6f5dd24e862081203b8ed1b29ee8aa86ec376e27de8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-vvc-kpn
sx8mb
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
etag
W/"27907-b+yi/hPTlFApUNGFNfUrwkba7Yk"
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 11:34:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 07 Nov 2024 11:33:44 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
max-age=60
access-control-allow-credentials
true
x-cache-key
https://lm.gaia.esosphera.com-i3.vivocha.com-/a/lastminute/api/v3/public/web-campaigns
access-control-allow-origin
*
x-xss-protection
1; mode=block
favicon.ico
lm.gaia.esosphera.com/
52 B
338 B
Other
General
Full URL
https://lm.gaia.esosphera.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
15.160.41.227 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-160-41-227.eu-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b8ee22475d8016f087a6f1b2b9d290b2e6e64ca8815ae1fa75188be6ac14c99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/v/rdrGH0d6d8

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 11:33:44 GMT
Content-Type
application/json; charset=UTF-8
Vary
Accept-Encoding
Server
nginx
3fd42955b8f6bf1c
cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/1721139752203/en/593c9d522ba76089/
874 B
1 KB
Fetch
General
Full URL
https://cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/1721139752203/en/593c9d522ba76089/3fd42955b8f6bf1c
Requested by
Host: www.vivocha.com
URL: https://www.vivocha.com/a/lastminute/api/vivocha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-126.fra60.r.cloudfront.net
Software
/
Resource Hash
b416d8cfba19a101ba0fac6814f9dd37e8b191d7a527f1c5e117cf4cf3e7c291
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-vvc-kpn
5hm7v
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
etag
W/"36a-+FxTE+YhnWj2vcIjwWVl2ElfQ6E"
age
76386
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 14:20:38 GMT
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
qMTstkbmaBi6gJrr0Bd7LYnlZtn0QP0m73-N-gnkdCpNX5egkN251Q==
date
Wed, 06 Nov 2024 14:20:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-status
MISS
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
max-age=604800
access-control-allow-credentials
true
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-cache-key
https://lm.gaia.esosphera.com-i3.vivocha.com-/a/lastminute/api/v3/public/campaigns/669682b120ee59000687e822/309/1721139752203/en/593c9d522ba76089/3fd42955b8f6bf1c
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
c0037323806135a2
cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/1722499070626/en/593c9d522ba76089/
32 KB
4 KB
Fetch
General
Full URL
https://cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/1722499070626/en/593c9d522ba76089/c0037323806135a2
Requested by
Host: www.vivocha.com
URL: https://www.vivocha.com/a/lastminute/api/vivocha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-126.fra60.r.cloudfront.net
Software
/
Resource Hash
9ca76368108b96a881b7963a7f51eb0a5223c72d7591b2753b43f15e2d8d8e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-vvc-kpn
m7rk5
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
etag
W/"800f-kYe1osLWjkfnDcaxlF/qIZzEy5E"
age
76386
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 14:20:38 GMT
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Q7X8Lrf11OLxgbRSpnKIgWI0n7i9IolKNSrnXfcJAqWBHJcIBFiI0Q==
date
Wed, 06 Nov 2024 14:20:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-status
MISS
strict-transport-security
max-age=15724800; includeSubDomains; preload
cache-control
max-age=604800
access-control-allow-credentials
true
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-cache-key
https://lm.gaia.esosphera.com-i3.vivocha.com-/a/lastminute/api/v3/public/campaigns/669682b120ee59000687e822/309/1722499070626/en/593c9d522ba76089/c0037323806135a2
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
conversations
i3.vivocha.com/a/lastminute/api/v3/public/
42 B
0
Fetch
General
Full URL
https://i3.vivocha.com/a/lastminute/api/v3/public/conversations?vvcu=20241107BVVetV9RW37DT6LB&channel=web&full=1
Requested by
Host: www.vivocha.com
URL: https://www.vivocha.com/a/lastminute/api/vivocha.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.58.170.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-vvc-kpn
lx9bf
strict-transport-security
max-age=15724800; includeSubDomains; preload
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
etag
W/"2a-SAIyoeIMzg4iGi2cT1cFgtY/7MA"
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 07 Nov 2024 11:33:45 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
open-sans.css
cdn.vivocha.com/lib/font-google/css/
748 B
1 KB
Stylesheet
General
Full URL
https://cdn.vivocha.com/lib/font-google/css/open-sans.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-126.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97eabb4a54dbdca1f0d1f47f1db3e4c3a9cacb55398b77ac059a72bf49e5702c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-amz-version-id
null
etag
"84c4bb76d9cc07bffa4cbcf2de1b5b59"
age
8768
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
748
x-amz-cf-id
Ac-wv6-HLeeB6sspPygvpPlpHzms_7jteTncNDPJLRVNGQ4X5hVItg==
date
Thu, 07 Nov 2024 09:07:37 GMT
content-type
text/css
last-modified
Mon, 12 May 2014 17:03:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
PinkChatIcon1.png
cdn.vivocha.com/assets/lastminute/campaigns/669682b120ee59000687e822/669682b120ee59000687e822-307-1722499070626/
8 KB
8 KB
Image
General
Full URL
https://cdn.vivocha.com/assets/lastminute/campaigns/669682b120ee59000687e822/669682b120ee59000687e822-307-1722499070626/PinkChatIcon1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-126.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3483206e45e3a52bf32afb149b7c48bea0fefc7ea6fece7789c9b2a791f6d4e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lm.gaia.esosphera.com/

Response headers

x-amz-version-id
null
etag
"9f355b520c576569922dc79196594c61"
age
77383
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8113
x-amz-cf-id
u9sQg8olM1G1Z8HaTjushiKIJWqSPAn8N85GvZIkLa4IoPJ6JO-uEA==
date
Wed, 06 Nov 2024 14:04:03 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 14:03:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
variables.json
cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/interaction/en/593c9d522ba76089/dd0094e6791d7f5c/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.vivocha.com
URL
https://cdn.vivocha.com/a/lastminute/w/i3/8.4.0-gaia.14/api/v3/public/campaigns/669682b120ee59000687e822/309/interaction/en/593c9d522ba76089/dd0094e6791d7f5c/variables.json

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| vivocha
function| manageUserCookie
object| vvcData
object| vvc_options
function| chatClosedByCostumer
object| webpackJsonpvivocha
function| vvcAutoStartChat
boolean| _VIVOCHA_CHAT_STARTED
function| haloToggle
function| revealWebOpts
function| revealOthers

1 Cookies

Domain/Path Name / Value
lm.gaia.esosphera.com/ Name: PHPSESSID
Value: 54ddkc7r2uol76kl2g4m0kcghi

2 Console Messages

Source Level URL
Text
network error URL: https://lm.gaia.esosphera.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://i3.vivocha.com/a/lastminute/api/v3/public/conversations?vvcu=20241107BVVetV9RW37DT6LB&channel=web&full=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff