Submitted URL: https://dpregister.com/sreg/10194549/fdfe9b0a00
Effective URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Submission: On November 21 via manual — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 12.44.18.43, located in Pittsburgh, United States and belongs to ATT-INTERNET4, US. The main domain is dpregister.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 2nd 2024. Valid for: a year.
This is the only time dpregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 12.44.18.43 7018 (ATT-INTER...)
1 12.44.18.40 7018 (ATT-INTER...)
12 2
Apex Domain
Subdomains
Transfer
12 dpregister.com
dpregister.com
363 KB
1 choruscall.com
services.choruscall.com — Cisco Umbrella Rank: 477620
9 KB
12 2
Domain Requested by
12 dpregister.com 1 redirects dpregister.com
1 services.choruscall.com
12 2

This site contains no links.

Subject Issuer Validity Valid
dpregister.com
Go Daddy Secure Certificate Authority - G2
2024-02-02 -
2025-03-05
a year crt.sh
*.choruscall.com
Go Daddy Secure Certificate Authority - G2
2024-09-17 -
2025-10-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Frame ID: A0E4F270E046B4D9F13CC645DBA473C3
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Diamond Pass Registration

Page URL History Show full URLs

  1. https://dpregister.com/sreg/10194549/fdfe9b0a00 HTTP 301
    https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityStr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

371 kB
Transfer

380 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dpregister.com/sreg/10194549/fdfe9b0a00 HTTP 301
    https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request register
dpregister.com/DiamondPassRegistration/
Redirect Chain
  • https://dpregister.com/sreg/10194549/fdfe9b0a00
  • https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
16 KB
4 KB
Document
General
Full URL
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
01c680d4941e58ec82e8aeed1bbea4a7d54f499adc65a7dadf5b9b6deb495e40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Thu, 21 Nov 2024 13:19:04 GMT
server
nginx/1.24.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
169
content-type
text/html
date
Thu, 21 Nov 2024 13:19:04 GMT
location
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
server
nginx/1.24.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
registration.css
dpregister.com/DiamondPassRegistration/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://dpregister.com/DiamondPassRegistration/css/registration.css?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
62516d14c94cf3642b7148d8c1fa75a5491a2dbd878c0352d13cc23881e34a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"1946-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1946
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/css;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
jquery-1.7.min.js
dpregister.com/DiamondPassRegistration/scripts/jquery/
92 KB
92 KB
Script
General
Full URL
https://dpregister.com/DiamondPassRegistration/scripts/jquery/jquery-1.7.min.js?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"94020-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
94020
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
jquery-ui-1.8.10.custom.min.js
dpregister.com/DiamondPassRegistration/scripts/jquery/
203 KB
203 KB
Script
General
Full URL
https://dpregister.com/DiamondPassRegistration/scripts/jquery/jquery-ui-1.8.10.custom.min.js?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
0c7b2604c8589b9c9b27532b2b7c4240853a499ed1e82c1a8130228e52aa1c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"207380-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
207380
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
jquery.validate.min.js
dpregister.com/DiamondPassRegistration/scripts/plugins/
21 KB
21 KB
Script
General
Full URL
https://dpregister.com/DiamondPassRegistration/scripts/plugins/jquery.validate.min.js?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
cde0578486717bb6f75c3a33376116b77677619475c38b5904258e5b118e8436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"21493-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
21493
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
localizetime.js
dpregister.com/DiamondPassRegistration/scripts/
4 KB
4 KB
Script
General
Full URL
https://dpregister.com/DiamondPassRegistration/scripts/localizetime.js?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
5ef0396457a94610b486150b7891ef86e94b878f0f443ed0826f9768128e21d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"3660-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3660
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
diamondpassregistration.js
dpregister.com/DiamondPassRegistration/scripts/
32 KB
32 KB
Script
General
Full URL
https://dpregister.com/DiamondPassRegistration/scripts/diamondpassregistration.js?version=3.5.8
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
882c2cc8ca6d4db45704771cafe50b6bfea5fb8d313f563822a02ed93ced1dde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"32596-1705087612000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
32596
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
last-modified
Fri, 12 Jan 2024 19:26:52 GMT
server
nginx/1.24.0
x-frame-options
DENY
stickyImg
dpregister.com/DiamondPassRegistration/
2 KB
2 KB
Image
General
Full URL
https://dpregister.com/DiamondPassRegistration/stickyImg
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
3d7e2b8c09b203ac731b1c2ed5e40cd612601211b1839a698a144f5a4fb91c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private,no-cache,no-store
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 13:19:05 GMT
x-xss-protection
1; mode=block
content-type
image/png;charset=UTF-8
server
nginx/1.24.0
x-frame-options
DENY
getAudioEventInformation.json
dpregister.com/DiamondPassRegistration/secure/register/
809 B
1 KB
XHR
General
Full URL
https://dpregister.com/DiamondPassRegistration/secure/register/getAudioEventInformation.json
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/scripts/jquery/jquery-1.7.min.js?version=3.5.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
74de95abd307b0a694e770873fa900f8603574671395932f8ef32c6c4e902b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 21 Nov 2024 13:19:06 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
content-language
de-DE
server
nginx/1.24.0
x-frame-options
DENY
load.json
dpregister.com/DiamondPassRegistration/secure/preregistration/style/
427 B
713 B
XHR
General
Full URL
https://dpregister.com/DiamondPassRegistration/secure/preregistration/style/load.json
Requested by
Host: dpregister.com
URL: https://dpregister.com/DiamondPassRegistration/scripts/jquery/jquery-1.7.min.js?version=3.5.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
97ac813d0b16a02f74cbe07211ca83eda0aeecbb111c913086eec25b4ec1c2e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 21 Nov 2024 13:19:06 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
content-language
de-DE
server
nginx/1.24.0
x-frame-options
DENY
favicon.ico
dpregister.com/
0
228 B
Other
General
Full URL
https://dpregister.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
12.44.18.43 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.ca
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/DiamondPassRegistration/register?confirmationNumber=10194549&linkSecurityString=fdfe9b0a00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
"533b1007-0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
0
date
Thu, 21 Nov 2024 13:19:06 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Tue, 01 Apr 2014 19:14:15 GMT
server
nginx/1.24.0
x-frame-options
DENY
nndo_banner_1024.jpg
services.choruscall.com/images/diamondpass/registration/banner/
9 KB
9 KB
Image
General
Full URL
https://services.choruscall.com/images/diamondpass/registration/banner/nndo_banner_1024.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.44.18.40 Pittsburgh, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
services.choruscall.com
Software
Apache /
Resource Hash
8b42abb22d277160695013112887402ef2b8755d8917f5c2c82d7dda9309d00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dpregister.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"223c-5402ba305f8bc"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
8764
Keep-Alive
timeout=15, max=100
Date
Thu, 21 Nov 2024 13:19:07 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Oct 2016 16:24:06 GMT
Content-Type
image/jpeg
Server
Apache

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| DP_jQuery_1732195145932 function| localizetime function| handleXhrError function| getURLParameter function| cancelSession function| toggleGDPR function| toggleCaptcha function| toggleCaptchaErrorDiv string| namePlaceHolder string| gdprLoginString string| confirmationHeader string| registrationHeader string| includeRegistrationVerificationPage string| enterEmailAddressText string| captchaError string| captchaEnabled

1 Cookies

Domain/Path Name / Value
dpregister.com/DiamondPassRegistration Name: JSESSIONID
Value: F8C762E56D5DD57AB00194964E0DA009

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block