urlscan.io logo urlscan.io
SecurityTrails logo

forms.earthdiscord.ga Open in urlscan Pro
185.178.208.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://forms.earthdiscord.ga/
Effective URL: https://forms.earthdiscord.ga/
Submission Tags: discord.fish
Submission: On June 27 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 185.178.208.181, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is forms.earthdiscord.ga.
TLS certificate: Issued by R3 on June 27th 2022. Valid for: 3 months.
This is the only time forms.earthdiscord.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.178.208.181 57724 (DDOS-GUARD)
10 167.99.242.112 14061 (DIGITALOC...)
2 3.67.255.218 16509 (AMAZON-02)
14 4
Apex Domain
Subdomains		 Transfer
12 staticdelivery.ga
earth.staticdelivery.ga
s.staticdelivery.ga
172 KB
2 earthdiscord.ga
forms.earthdiscord.ga
2 KB
14 2
Domain Requested by
10 earth.staticdelivery.ga forms.earthdiscord.ga
earth.staticdelivery.ga
2 s.staticdelivery.ga forms.earthdiscord.ga
s.staticdelivery.ga
2 forms.earthdiscord.ga 1 redirects
14 3

This site contains links to these domains. Also see Links.

Domain
earthdiscord.ga
Subject Issuer Validity Valid
forms.earthdiscord.ga
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
*.staticdelivery.ga
R3		 2022-05-25 -
2022-08-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://forms.earthdiscord.ga/
Frame ID: 57E6B4FDDEC5E4C25C3038E58039BCA7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EARTH Forms

Page URL History Show full URLs

  1. http://forms.earthdiscord.ga/ HTTP 301
    https://forms.earthdiscord.ga/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

174 kB
Transfer

322 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://forms.earthdiscord.ga/ HTTP 301
    https://forms.earthdiscord.ga/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forms.earthdiscord.ga/
Redirect Chain
  • http://forms.earthdiscord.ga/
  • https://forms.earthdiscord.ga/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.181 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
8b05a844b3dca241231d120b7e19cdee33da152749ad20e9d15c5179cdad23cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 27 Jun 2022 17:14:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
ddos-guard
vary
Accept-Encoding
via
1.1 alproxy
x-content-type-options
nosniff
x-easteregg-hint
Read_our_privacy_policy
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
568
Content-Type
text/html; charset=utf8
Date
Mon, 27 Jun 2022 17:14:58 GMT
Keep-Alive
timeout=60
Location
https://forms.earthdiscord.ga/
Server
ddos-guard
montserrat.css
earth.staticdelivery.ga/fonts/montserrat/ 		1 KB
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/fonts/montserrat/montserrat.css
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
dc421599f42c64c90215087ad7a303a3b1aa1999104f5cd379c5067f4e68693a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTRNAK4XH7A90W5DM32
date
Thu, 23 Jun 2022 10:41:41 GMT
content-encoding
br
server
Netlify
age
369199
etag
"6816cee0d1d7d9daa297d4264255bf04-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
368
boxicons.min.css
earth.staticdelivery.ga/boxicons-2.0.9/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/boxicons-2.0.9/css/boxicons.min.css
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTRX60E24NFWKQE92DZ
date
Thu, 23 Jun 2022 10:41:41 GMT
content-encoding
br
server
Netlify
age
369198
etag
"49e7cc58a4be4fc945c9da29512e6918-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10251
website.css
earth.staticdelivery.ga/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/css/website.css
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
518acbf04564e137d349372e7f11ce6811f27659f721c2bccead5e9942c020ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTRMVQR4NBJYKP71BSK
date
Thu, 23 Jun 2022 10:41:41 GMT
content-encoding
br
server
Netlify
age
369199
etag
"a1fc76dbef918a1583340bb31c29ded1-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1734
sweetalert.css
earth.staticdelivery.ga/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/css/sweetalert.css
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
69ae0730d01a09f07e73f1f106e3ddc308cd1fdc24cf4220ae2e6ff91c52ec9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTR8KF0HVVP8M0ARPB0
date
Thu, 23 Jun 2022 10:41:42 GMT
content-encoding
br
server
Netlify
age
369198
etag
"273f259197f40ba3f6eda5ddb92bfe28-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4048
sweetalert.js
earth.staticdelivery.ga/js/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/js/sweetalert.js
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
dd61b3d6a859996a068c20b8788b52b55c01f3ebd8da635bd7444d17d9e919e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTRW7TQ89R0GFE7KE6K
date
Thu, 23 Jun 2022 10:41:42 GMT
content-encoding
br
server
Netlify
age
369198
etag
"dce1f60ac8a3859284c5c0c2dcde56ba-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
12786
turbolinks.js
earth.staticdelivery.ga/js/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/js/turbolinks.js
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c778160cdfe2b7219a007681e07426ef7ed10a32e58d09b2e29cac2e7a718549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTRVCT2Z6AW3R14ED70
date
Thu, 23 Jun 2022 10:41:42 GMT
content-encoding
br
server
Netlify
age
369197
etag
"4c2a2bd9a63b609a64a0ee45963808d3-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
8674
main.js
earth.staticdelivery.ga/js/ 		659 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/js/main.js
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
0cbd1207f1976044746adb0ba4eee8ee5287e31166326e5d394279cc8bea3176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HHTR2WQA3A3PGP54TSWT
date
Thu, 23 Jun 2022 10:41:42 GMT
server
Netlify
age
369197
etag
"91e6ba30e55b0b8f4a2d76c60b245202-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
659
script.js
s.staticdelivery.ga/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.staticdelivery.ga/script.js
Requested by
Host: forms.earthdiscord.ga
URL: https://forms.earthdiscord.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.255.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-255-218.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
f58331f1d09427870a14c1ca91933211e1e8439dfd86c0467ed0cf79fbda2351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://forms.earthdiscord.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HJ3SE7Y9JW430KCZ7P5J
date
Mon, 27 Jun 2022 08:04:59 GMT
content-encoding
br
server
Netlify
age
33001
etag
"6bcfd59e87652b5f985301f34357cac6-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7934
montserrat-4.woff2
earth.staticdelivery.ga/fonts/montserrat/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/fonts/montserrat/montserrat-4.woff2
Requested by
Host: earth.staticdelivery.ga
URL: https://earth.staticdelivery.ga/fonts/montserrat/montserrat.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
3ead3e72532b12292eceda836daa546d125fbe01536a7b7a8a835d2af32e96da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://earth.staticdelivery.ga/fonts/montserrat/montserrat.css
Origin
https://forms.earthdiscord.ga
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HJ3K16B6F3EQAQ15G324
date
Thu, 23 Jun 2022 10:41:42 GMT
server
Netlify
age
369197
etag
"d870329ddb62f00d1ce83cffcfb0f037-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
14100
boxicons.woff2
earth.staticdelivery.ga/boxicons-2.0.9/fonts/ 		101 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/boxicons-2.0.9/fonts/boxicons.woff2
Requested by
Host: earth.staticdelivery.ga
URL: https://earth.staticdelivery.ga/boxicons-2.0.9/css/boxicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://earth.staticdelivery.ga/boxicons-2.0.9/css/boxicons.min.css
Origin
https://forms.earthdiscord.ga
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HJ3K8WXV2K6MA3EPDSBF
date
Thu, 23 Jun 2022 10:41:42 GMT
server
Netlify
age
369197
etag
"32bc34e520aee6b89bcf90f892f1e12e-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
102988
montserrat-3.woff2
earth.staticdelivery.ga/fonts/montserrat/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://earth.staticdelivery.ga/fonts/montserrat/montserrat-3.woff2
Requested by
Host: earth.staticdelivery.ga
URL: https://earth.staticdelivery.ga/fonts/montserrat/montserrat.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
e393a09aa9c90f44f609dda814fc5551bca03725472f99d87815880b063a473b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://earth.staticdelivery.ga/fonts/montserrat/montserrat.css
Origin
https://forms.earthdiscord.ga
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6K2HJ3K0YC1HCS8MC4EAMB6
date
Thu, 23 Jun 2022 10:41:42 GMT
server
Netlify
age
369197
etag
"f2123d3d6a98d02487a455192003a3f2-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
11504
api
s.staticdelivery.ga/ 		0
0
api
s.staticdelivery.ga/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.staticdelivery.ga/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.255.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-255-218.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forms.earthdiscord.ga
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, Time-Zone
access-control-allow-methods
GET,POST,PATCH,OPTIONS
access-control-allow-origin
https://forms.earthdiscord.ga
age
4
cache-control
no-cache
date
Mon, 27 Jun 2022 17:15:03 GMT
server
Netlify
x-nf-request-id
01G6K2HJB33FBT25C7VE2QN9RD

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.staticdelivery.ga
URL
https://s.staticdelivery.ga/api

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| Turbolinks function| search function| copy object| ackeeTracker

2 Cookies

Domain/Path Name / Value
.earthdiscord.ga/ Name: __ddg1_
Value: q8bZ9E7h3OLpcVNXDmfW
.earthdiscord.ga/ Name: sid
Value: QC6qrI3KKCDUUqdHayRhTk1pFVYsbSVKTCw7WgNKnhQwAcUcGW

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block