urlscan.io logo urlscan.io
SecurityTrails logo

search.yahoo.com Open in urlscan Pro
106.10.218.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hogarlainz.com/?q=OJ+BOOK
Effective URL: https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1...
Submission: On April 23 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 106.10.218.137, located in Singapore, Singapore and belongs to YAHOO-SG3 internet content provider, SG. The main domain is search.yahoo.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 13th 2024. Valid for: 6 months.
This is the only time search.yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.162.192 13335 (CLOUDFLAR...)
2 79.127.235.2 60068 (CDN77 _)
2 54.209.91.188 14618 (AMAZON-AES)
2 162.247.243.39 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
1 1 18.65.244.122 16509 (AMAZON-02)
1 2 106.10.218.137 56173 (YAHOO-SG3...)
21 6
1    172.67.162.192 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hogarlainz.com
2    79.127.235.2 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 460707461.sgp.cdn77.com
www.trustedsear.ch
2    54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com
www.strabbnyipotr3.com
2    162.247.243.39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    18.65.244.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-122.syd3.r.cloudfront.net
seek.searchthatweb.com
2    106.10.218.137 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: ats1.l7.search.vip.sg3.yahoo.com
au.search.yahoo.com
search.yahoo.com
Apex Domain
Subdomains		 Transfer
2 yahoo.com
au.search.yahoo.com — Cisco Umbrella Rank: 684242
search.yahoo.com
88 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242
1 KB
2 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 594
18 KB
2 strabbnyipotr3.com
www.strabbnyipotr3.com — Cisco Umbrella Rank: 121100
3 KB
2 trustedsear.ch
www.trustedsear.ch — Cisco Umbrella Rank: 561896
26 KB
1 searchthatweb.com
seek.searchthatweb.com — Cisco Umbrella Rank: 382794
976 B
1 hogarlainz.com
www.hogarlainz.com
911 B
0 bing.net Failed
tse3.mm.bing.net Failed
tse4.mm.bing.net Failed
0 yimg.com Failed
s.yimg.com Failed
sp.yimg.com Failed
21 9
Domain Requested by
2 bam.nr-data.net js-agent.newrelic.com
2 js-agent.newrelic.com www.trustedsear.ch
2 www.strabbnyipotr3.com www.trustedsear.ch
2 www.trustedsear.ch www.trustedsear.ch
1 search.yahoo.com www.trustedsear.ch
1 au.search.yahoo.com 1 redirects
1 seek.searchthatweb.com 1 redirects
1 www.hogarlainz.com 1 redirects
0 sp.yimg.com Failed search.yahoo.com
0 tse4.mm.bing.net Failed search.yahoo.com
0 tse3.mm.bing.net Failed search.yahoo.com
0 s.yimg.com Failed search.yahoo.com
21 12

This site contains no links.

Subject Issuer Validity Valid
1335937688.rsc.cdn77.org
R3		 2024-03-17 -
2024-06-15		 3 months crt.sh
www.strabbnyipotr3.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.answers.search.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-02-13 -
2024-08-07		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0rdNG3RLdQ5aqJ7oegptL6FXwmVYgIrxrlgXAmyo0uk7Ul4WqI5fX2MtqwZQnb5ZUjXDssBHBkaIKGkgY%2BSOdh1je5yr%2BCPsq4aVinIwnTMsYDog4PR9SHl0E9bml3JhWR4H%2Bz2bTf%2Ff%2FkB%2FC85zg%3D%3D
Frame ID: E9D76CBC0ACB95C0B47E397BEA8441A9
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.hogarlainz.com/?q=OJ+BOOK HTTP 307
    https://www.hogarlainz.com/?q=OJ+BOOK HTTP 302
    https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK Page URL
  2. https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr= Page URL
  3. https://seek.searchthatweb.com/results.aspx?gd=RD1004977&n=109&q=OJ+BOOK&searchsource=58 HTTP 302
    https://au.search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_... HTTP 302
    https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_... Page URL

Page Statistics

21
Requests

43 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

6
IPs

2
Countries

134 kB
Transfer

514 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hogarlainz.com/?q=OJ+BOOK HTTP 307
    https://www.hogarlainz.com/?q=OJ+BOOK HTTP 302
    https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK Page URL
  2. https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr= Page URL
  3. https://seek.searchthatweb.com/results.aspx?gd=RD1004977&n=109&q=OJ+BOOK&searchsource=58 HTTP 302
    https://au.search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0rdNG3RLdQ5aqJ7oegptL6FXwmVYgIrxrlgXAmyo0uk7Ul4WqI5fX2MtqwZQnb5ZUjXDssBHBkaIKGkgY%2BSOdh1je5yr%2BCPsq4aVinIwnTMsYDog4PR9SHl0E9bml3JhWR4H%2Bz2bTf%2Ff%2FkB%2FC85zg%3D%3D HTTP 302
    https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0rdNG3RLdQ5aqJ7oegptL6FXwmVYgIrxrlgXAmyo0uk7Ul4WqI5fX2MtqwZQnb5ZUjXDssBHBkaIKGkgY%2BSOdh1je5yr%2BCPsq4aVinIwnTMsYDog4PR9SHl0E9bml3JhWR4H%2Bz2bTf%2Ff%2FkB%2FC85zg%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.hogarlainz.com/?q=OJ+BOOK HTTP 307
  • https://www.hogarlainz.com/?q=OJ+BOOK HTTP 302
  • https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.trustedsear.ch/
Redirect Chain
  • http://www.hogarlainz.com/?q=OJ+BOOK
  • https://www.hogarlainz.com/?q=OJ+BOOK
  • https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.235.2 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
460707461.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c523972a69a3afb8ad930a4ba734498aaed1fc7a514292e9831a0675045982db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 23:04:18 GMT
etag
W/"c523972a69a3afb8ad930a4ba734498a"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713913458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1tqtSULH6j3i1uR1MI162ayeWNqmJf3nA4nAzXk%2Fe3M%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713913458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1tqtSULH6j3i1uR1MI162ayeWNqmJf3nA4nAzXk%2Fe3M%3D
server
CDN77-Turbo
vary
Accept-Encoding Origin
via
1.1 vegur
x-77-cache
MISS
x-77-nzt
EwgBT3/rAQEhCAFZu6MyASEIAZySIScBIQ
x-77-nzt-ray
85d6751b866025b8723e2866a70cca10
x-77-pop
singaporeSG
x-cache
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
768b4e06-cf4c-4e76-96df-bf0ee7179489
x-runtime
0.003760
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87917de1c8785735-SYD
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 23:04:17 GMT
location
https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713913457&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=iyTfnWNfxtSbv2VfmfpjnDraS74FleXxlsxz6ZW01Pg%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713913457&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=iyTfnWNfxtSbv2VfmfpjnDraS74FleXxlsxz6ZW01Pg%3D
server
cloudflare
vary
Accept
via
1.1 vegur
x-powered-by
Express
empty
www.strabbnyipotr3.com/api/ 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.strabbnyipotr3.com/api/empty?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 23:04:19 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
2
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713913459&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=YbAbrRql7O%2BDlt9By%2BLsaZg17l%2B%2BxeEHdwJriEJrlyQ%3D
X-Request-Id
37b542ac-39cf-4364-b34e-d3124e7a73d6
X-Runtime
0.003373
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"44136fa355b3678a1146ad16f7e8649e"
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, POST
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713913459&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=YbAbrRql7O%2BDlt9By%2BLsaZg17l%2B%2BxeEHdwJriEJrlyQ%3D"}]}
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, private, must-revalidate
Content-Type
application/json; charset=utf-8
Vary
Accept, Origin
nr-rum-1.257.0.min.js
js-agent.newrelic.com/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.257.0.min.js
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac2185eaf27db9d83c2688a55c428a5f18bbe41d8f769c58f41f081b8b17834b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.trustedsear.ch
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hDZawLvU_7lPCCc8KE3sqLucpiUuFFEu
content-encoding
br
via
1.1 varnish
date
Tue, 23 Apr 2024 23:04:19 GMT
strict-transport-security
max-age=300
x-amz-request-id
TBF41G1Q9BC18QBF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17464
x-amz-id-2
B7u2YkfrhhQnuj8XIg6Kz+cneSBEGt7X4kXGb7uACWkpzXxMk07OGbAJi9SbD/E6ZlHKXdSSvmY=
x-served-by
cache-syd10154-SYD
last-modified
Fri, 19 Apr 2024 00:43:41 GMT
server
AmazonS3
etag
"04045b88714f08119a0e2fcb74624f22"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
88272
NRJS-5120bf14a849215fc92
bam.nr-data.net/1/ 		151 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-5120bf14a849215fc92?a=1550784682&v=1.257.0&to=IltfQhNbWF4BQBxKUgBGUl5OR1FTFlFbZls%3D&rst=2456&ck=0&s=d8fc464e7ee6266a&ref=https://www.trustedsear.ch/&qt=2&ap=4&be=2099&fe=32&dc=31&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713913456735,%22n%22:0,%22f%22:753,%22dn%22:1009,%22dne%22:1009,%22c%22:1009,%22s%22:1404,%22ce%22:1499,%22rq%22:1499,%22rp%22:2100,%22rpe%22:2121,%22di%22:2130,%22ds%22:2130,%22de%22:2130,%22dc%22:2130,%22l%22:2130,%22le%22:2131%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.257.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Apr 2024 23:04:20 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.trustedsear.ch
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
close
timing-allow-origin
https://www.trustedsear.ch
Content-Length
151
x-served-by
cache-syd10154-SYD
search
www.trustedsear.ch/ 		37 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr=
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.235.2 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
460707461.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
68a8bbb9f6f4174cbe5121a0d4bb9aba6ff7d860da8688e977a7793728c87fc0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://adshnk.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, public
content-encoding
gzip
content-security-policy
frame-ancestors https://adshnk.com
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 23:04:20 GMT
etag
W/"68a8bbb9f6f4174cbe5121a0d4bb9aba"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713913459&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=YbAbrRql7O%2BDlt9By%2BLsaZg17l%2B%2BxeEHdwJriEJrlyQ%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713913459&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=YbAbrRql7O%2BDlt9By%2BLsaZg17l%2B%2BxeEHdwJriEJrlyQ%3D
server
CDN77-Turbo
vary
Accept-Encoding Origin
via
1.1 vegur
x-77-cache
MISS
x-77-nzt
EwgBT3/rAQEhCAGP9CGkASEIAZySIScBYQ
x-77-nzt-ray
85d6751b866025b8733e28668ce7f62e
x-77-pop
singaporeSG
x-cache
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
50b24778-5b07-448c-90ba-c3a69cadecba
x-runtime
0.005707
x-xss-protection
0
NRJS-5120bf14a849215fc92
bam.nr-data.net/events/1/ 		0
0
find
www.strabbnyipotr3.com/api/ 		230 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.strabbnyipotr3.com/api/find?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr=&o=false&i=false&pd_dlfs=753.1000003814697&ht_fp=p
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://adshnk.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 23:04:20 GMT
Content-Security-Policy
frame-ancestors https://adshnk.com
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
230
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1713913460&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JdhtyhX1T%2Bu8KeId4Yndp7iK2hSQbKGLtZEmJCC%2BULQ%3D
X-Request-Id
f207bed0-0634-4fcf-97c2-1801434704f4
X-Runtime
0.017185
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"78021b2f32df17700059870436733bf1"
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, POST
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713913460&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JdhtyhX1T%2Bu8KeId4Yndp7iK2hSQbKGLtZEmJCC%2BULQ%3D"}]}
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, private, must-revalidate
Content-Type
application/json; charset=utf-8
Vary
Accept, Origin
nr-rum-1.257.0.min.js
js-agent.newrelic.com/ 		50 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.257.0.min.js
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac2185eaf27db9d83c2688a55c428a5f18bbe41d8f769c58f41f081b8b17834b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.trustedsear.ch
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hDZawLvU_7lPCCc8KE3sqLucpiUuFFEu
content-encoding
br
via
1.1 varnish
date
Tue, 23 Apr 2024 23:04:19 GMT
strict-transport-security
max-age=300
x-amz-request-id
TBF41G1Q9BC18QBF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17464
x-amz-id-2
B7u2YkfrhhQnuj8XIg6Kz+cneSBEGt7X4kXGb7uACWkpzXxMk07OGbAJi9SbD/E6ZlHKXdSSvmY=
x-served-by
cache-syd10154-SYD
last-modified
Fri, 19 Apr 2024 00:43:41 GMT
server
AmazonS3
etag
"04045b88714f08119a0e2fcb74624f22"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
88272
NRJS-5120bf14a849215fc92
bam.nr-data.net/1/ 		151 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-5120bf14a849215fc92?a=1550784682&v=1.257.0&to=IltfQhNbWF4BQBxKUgBGUl5OXVpWAUo%3D&rst=644&ck=0&s=d8fc464e7ee6266a&ref=https://www.trustedsear.ch/search&qt=2&ap=7&be=597&fe=41&dc=39&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1713913459736,%22n%22:0,%22u%22:610,%22ue%22:610,%22f%22:3,%22dn%22:3,%22dne%22:3,%22c%22:3,%22s%22:3,%22ce%22:3,%22rq%22:4,%22rp%22:598,%22rpe%22:629,%22di%22:636,%22ds%22:636,%22de%22:636,%22dc%22:636,%22l%22:636,%22le%22:638%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.257.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Apr 2024 23:04:21 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.trustedsear.ch
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://www.trustedsear.ch
Content-Length
151
x-served-by
cache-syd10149-SYD
Primary Request search
search.yahoo.com/yhs/
Redirect Chain
  • https://seek.searchthatweb.com/results.aspx?gd=RD1004977&n=109&q=OJ+BOOK&searchsource=58
  • https://au.search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruue...
  • https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0...
344 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0rdNG3RLdQ5aqJ7oegptL6FXwmVYgIrxrlgXAmyo0uk7Ul4WqI5fX2MtqwZQnb5ZUjXDssBHBkaIKGkgY%2BSOdh1je5yr%2BCPsq4aVinIwnTMsYDog4PR9SHl0E9bml3JhWR4H%2Bz2bTf%2Ff%2FkB%2FC85zg%3D%3D
Requested by
Host: www.trustedsear.ch
URL: https://www.trustedsear.ch/search?gid=midgunsJJJBDdfv_20000&q=OJ%20BOOK&pd_dlfs=753.1000003814697&sl_rfr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
106.10.218.137 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
ats1.l7.search.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
3b6090fc746f06208e86640056522eb0e475f24c235aa79bb58aad897d8bb904
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' https://*.yahoo.com https://*.yimg.com; script-src 'self' 'unsafe-inline' 'nonce-9DiclNeSy59jJvJvm2f0TQ==' 'unsafe-eval' https://*.yahoo.net https://*.yahoo.com https://*.yimg.com https://*.uservoice.com *.oath.com https://*.hereapi.com https://*.youtube.com *.yahooapis.com blob: *.izlesene.com *.ioam.de *.avg.com *.rewardsaccelerator.com smetrics.att.com; style-src 'self' 'unsafe-inline' https://assets.video.yahoo.net https://*.yimg.com; img-src 'self' data: blob: https://*.aol.com https://s.aolcdn.com https://*.bing.net https://*.yimg.com https://s.ytimg.com yahoo.com https://*.yahoo.com https://*.bing.com *.here.com *.wc.yahoodns.net https://*.doubleclick.net https://sb.scorecardresearch.com https://*.adaptv.advertising.com https://*.vidible.tv https://*.yahoo.net https://*.footprint.net https://*.akamaized.net https://*.cloudfront.net https://*.llnwd.net smetrics.att.com; frame-src 'self' https://*.yahoo.net https://*.youtube.com https://s.yimg.com https://*.yahoo.com https://yahoo.uservoice.com https://*.vidible.tv https://*.advertising.com https://fun.games.com/ https://interactives.ap.org; media-src * blob:; object-src *; connect-src * blob:; font-src * data:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'none'; default-src 'self' https://*.yahoo.com https://*.yimg.com; script-src 'self' 'unsafe-inline' 'nonce-9DiclNeSy59jJvJvm2f0TQ==' 'unsafe-eval' https://*.yahoo.net https://*.yahoo.com https://*.yimg.com https://*.uservoice.com *.oath.com https://*.hereapi.com https://*.youtube.com *.yahooapis.com blob: *.izlesene.com *.ioam.de *.avg.com *.rewardsaccelerator.com smetrics.att.com; style-src 'self' 'unsafe-inline' https://assets.video.yahoo.net https://*.yimg.com; img-src 'self' data: blob: https://*.aol.com https://s.aolcdn.com https://*.bing.net https://*.yimg.com https://s.ytimg.com yahoo.com https://*.yahoo.com https://*.bing.com *.here.com *.wc.yahoodns.net https://*.doubleclick.net https://sb.scorecardresearch.com https://*.adaptv.advertising.com https://*.vidible.tv https://*.yahoo.net https://*.footprint.net https://*.akamaized.net https://*.cloudfront.net https://*.llnwd.net smetrics.att.com; frame-src 'self' https://*.yahoo.net https://*.youtube.com https://s.yimg.com https://*.yahoo.com https://yahoo.uservoice.com https://*.vidible.tv https://*.advertising.com https://fun.games.com/ https://interactives.ap.org; media-src * blob:; object-src *; connect-src * blob:; font-src * data:; child-src blob:;
content-type
text/html; charset=UTF-8
date
Tue, 23 Apr 2024 23:04:22 GMT
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
referrer-policy
no-referrer-when-downgrade
secure_search_bypass
true
server
ATS
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-decorator-operation
yhs-k8s--production-gq1.search--web-syc-k8s.svc.yahoo.local:4080/*
x-envoy-upstream-service-time
17
x-frame-options
DENY
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport

Redirect headers

age
0
content-encoding
gzip
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 23 Apr 2024 23:04:22 GMT
location
https://search.yahoo.com/yhs/search?p=OJ%20BOOK&hspart=fc&hsimp=yhs-4004_5&type=fc_AAC94E8DCE0_s58_g_e_d_n109_c999&param1=7&param2=eJwti8sKgzAQRX9llgoSJzFGQrb9gm7FRaqphkQjPrD06ztCmcU991xm9ENruueDI0rdNG3RLdQ5aqJ7oegptL6FXwmVYgIrxrlgXAmyo0uk7Ul4WqI5fX2MtqwZQnb5ZUjXDssBHBkaIKGkgY%2BSOdh1je5yr%2BCPsq4aVinIwnTMsYDog4PR9SHl0E9bml3JhWR4H%2Bz2bTf%2Ff%2FkB%2FC85zg%3D%3D
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-envoy-decorator-operation
yhs-k8s--production-gq1.search--web-syc-k8s.svc.yahoo.local:4080/*
x-envoy-upstream-service-time
12
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
combo
s.yimg.com/zz/ 		0
0
consent.js
s.yimg.com/oa/ 		0
0
assetManager_85593b53b1f4d56903724fa32149d549_51b5.js
s.yimg.com/pv/static/lib/ 		0
0
th
s.yimg.com/fz/api/res/1.2/hL0t6V_kGEh3h6ZXeWQ3ew--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/ 		0
0
th
s.yimg.com/fz/api/res/1.2/sxD0Y7wVuKXz8gsgIag_7Q--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/ 		0
0
th
s.yimg.com/fz/api/res/1.2/I2QowRjgvsDZfSdfyHWh4A--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/ 		0
0
th
tse3.mm.bing.net/ 		0
0
th
tse4.mm.bing.net/ 		0
0
th
tse4.mm.bing.net/ 		0
0
th
sp.yimg.com/ib/ 		0
0
t_500x300
s.yimg.com/fz/api/res/1.2/HpZYylS7rgMZezKphsfl0A--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpdDtoPTEzMDtxPTgwO3c9ODU-/https://s.yimg.com/zb/imgv1/898a66f9-beb4-3635-bc9d-b2329b00dc23/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/NRJS-5120bf14a849215fc92?a=1550784682&v=1.257.0&to=IltfQhNbWF4BQBxKUgBGUl5OR1FTFlFbZls%3D&rst=3610&ck=0&s=d8fc464e7ee6266a&ref=https://www.trustedsear.ch/
Domain
s.yimg.com
URL
https://s.yimg.com/zz/combo?pv/static/lib/srp-header-css-phoenix-us-yhs_260a77e702215c0b0951658288166e39.css&pv/static/lib/srp-core-css-light-phoenix-us-yhs_aa5f32ab0150c54b1925d48dc5cfa91d.css&pv/static/lib/master-atomic-desktop_cac01212aebe9709bcfeedfba759439f.css
Domain
s.yimg.com
URL
https://s.yimg.com/oa/consent.js
Domain
s.yimg.com
URL
https://s.yimg.com/pv/static/lib/assetManager_85593b53b1f4d56903724fa32149d549_51b5.js
Domain
s.yimg.com
URL
https://s.yimg.com/fz/api/res/1.2/hL0t6V_kGEh3h6ZXeWQ3ew--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/th?id=OVFT.BGFBp0jgtbyaLEKaKMCTlS&pid=News&w=700&h=479&c=14&qlt=90
Domain
s.yimg.com
URL
https://s.yimg.com/fz/api/res/1.2/sxD0Y7wVuKXz8gsgIag_7Q--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/th?id=OVFT.excO9tq6fyyQqWNzQbYLBC&pid=News&w=466&h=700&c=14&qlt=90
Domain
s.yimg.com
URL
https://s.yimg.com/fz/api/res/1.2/I2QowRjgvsDZfSdfyHWh4A--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpbGw7aD0yMjg7cHhvZmY9MDtweW9mZj0wO3E9ODA7dz00MDA-/https://www.bing.com/th?id=OVFT.zjBk4X1iIB9LsOybJA7uei&pid=News&w=700&h=468&c=14&qlt=90
Domain
tse3.mm.bing.net
URL
https://tse3.mm.bing.net/th?id=OVP.qkZF2AEQH63mGDB6OZTgewHgFo&pid=Api&w=296&h=156&c=7&p=0
Domain
tse4.mm.bing.net
URL
https://tse4.mm.bing.net/th?id=OVP.KEenTIQgpkpyYIY17-iQJQEsDh&pid=Api&w=296&h=156&c=7&p=0
Domain
tse4.mm.bing.net
URL
https://tse4.mm.bing.net/th?id=OVP.weCkJ2HYBogHUUpPuVcyWAEkII&pid=Api&w=296&h=156&c=7&p=0
Domain
sp.yimg.com
URL
https://sp.yimg.com/ib/th?id=OADD2.7146858234240_1VAJ2IL29IL0IT9X9A&pid=21.2&c=16&roil=0.0225&roit=0.0223&roir=0.9775&roib=0.9777&w=442&h=231
Domain
s.yimg.com
URL
https://s.yimg.com/fz/api/res/1.2/HpZYylS7rgMZezKphsfl0A--~C/YXBwaWQ9c3JjaGRkO2ZpPWZpdDtoPTEzMDtxPTgwO3c9ODU-/https://s.yimg.com/zb/imgv1/898a66f9-beb4-3635-bc9d-b2329b00dc23/t_500x300

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
www.hogarlainz.com/ Name: ud
Value: 1ff4bd9457c3f8e17262a0969a23f1ee73bdebdf1b06f295541a7a53a1b81df793ea899df3e728212c573fc3ad7207f9ab690f9cc336990af11cf23ac1ce2d7994da58ae7fe68fa5b1c0fc630fc0d20a025ea1059b807fe78a57a61722fdfb0adc78bdeed4e2b97f8ed5e7592dd60902bc95bf1bcf46109a9e497e3e6b19c7a577b435aa5867a56c382e6050683140e49d8a2c253e140fee8b8d3a091c2d119e
.seek.searchthatweb.com/ Name: UserId
Value: D1F27E50-01C5-11EF-BD78-A5C8A1F52CBB
.seek.searchthatweb.com/ Name: UserData
Value: 2024-04-23T23%3A04%3A21.429Z
.yahoo.com/ Name: A1
Value: d=AQABBHU-KGYCEE4Esb9EXF5wKbcWYfqqwrsFEgEBAQGPKWYyZtwu0iMA_eMAAA&S=AQAAArGqQo8iQ98VNtzzSMW4VV8
.yahoo.com/ Name: A3
Value: d=AQABBHU-KGYCEE4Esb9EXF5wKbcWYfqqwrsFEgEBAQGPKWYyZtwu0iMA_eMAAA&S=AQAAArGqQo8iQ98VNtzzSMW4VV8
.yahoo.com/ Name: A1S
Value: d=AQABBHU-KGYCEE4Esb9EXF5wKbcWYfqqwrsFEgEBAQGPKWYyZtwu0iMA_eMAAA&S=AQAAArGqQo8iQ98VNtzzSMW4VV8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0