urlscan.io logo urlscan.io
SecurityTrails logo

accounts.rydoo.com Open in urlscan Pro
2606:4700::6811:dcea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2dVYXJtLWNZIiwidiI6MSw...
Effective URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Submission: On September 26 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6811:dcea, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is accounts.rydoo.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 28th 2018. Valid for: 2 years.
This is the only time accounts.rydoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 16 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
13 3
Domain Requested by
11 accounts.rydoo.com 1 redirects accounts.rydoo.com
3 expense.rydoo.com 3 redirects
2 maxcdn.bootstrapcdn.com accounts.rydoo.com
2 track.rydoo.com 2 redirects
1 fonts.googleapis.com accounts.rydoo.com
13 5

This site contains links to these domains. Also see Links.

Domain
expense.rydoo.com
Subject Issuer Validity Valid
*.rydoo.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-03-28 -
2020-03-23		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Frame ID: 224BE9E3913904A717B6016D22E564F1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2d... HTTP 301
    https://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2d... HTTP 302
    https://expense.rydoo.com/controler/expenses HTTP 302
    https://expense.rydoo.com/login?ReturnUrl=%2fcontroler%2fexpenses HTTP 302
    https://expense.rydoo.com/openid HTTP 302
    https://accounts.rydoo.com/connect/authorize?client_id=secservice.xpd.manageweb&response_type=code+id_t... HTTP 302
    https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

5
Subdomains

3
IPs

3
Countries

518 kB
Transfer

764 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2dVYXJtLWNZIiwidiI6MSwicCI6IntcInVcIjozMDEwNzcxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2V4cGVuc2Uucnlkb28uY29tXFxcL2NvbnRyb2xlclxcXC9leHBlbnNlc1xcclxcblwiLFwiaWRcIjpcIjNiNWNmNjUwYzYyNjQ3NmNiNmQ4MzBiYjdmNTMyNTQxXCIsXCJ1cmxfaWRzXCI6W1wiMWM5MDVjNmU0OTg0NjJkZTY2NDIzMDgzMzI3MjBjODUxMjI5Y2ZlMlwiXX0ifQ HTTP 301
    https://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2dVYXJtLWNZIiwidiI6MSwicCI6IntcInVcIjozMDEwNzcxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2V4cGVuc2Uucnlkb28uY29tXFxcL2NvbnRyb2xlclxcXC9leHBlbnNlc1xcclxcblwiLFwiaWRcIjpcIjNiNWNmNjUwYzYyNjQ3NmNiNmQ4MzBiYjdmNTMyNTQxXCIsXCJ1cmxfaWRzXCI6W1wiMWM5MDVjNmU0OTg0NjJkZTY2NDIzMDgzMzI3MjBjODUxMjI5Y2ZlMlwiXX0ifQ HTTP 302
    https://expense.rydoo.com/controler/expenses HTTP 302
    https://expense.rydoo.com/login?ReturnUrl=%2fcontroler%2fexpenses HTTP 302
    https://expense.rydoo.com/openid HTTP 302
    https://accounts.rydoo.com/connect/authorize?client_id=secservice.xpd.manageweb&response_type=code+id_token&scope=openid+SecurityService&redirect_uri=https%3A%2F%2Fexpense.rydoo.com%2Fopenid&state=e5fe6b7b7f29a3a54a3814aa39b9d42c&nonce=c44a0fe37be00bf01dd89437dc34e9d7&response_mode=form_post HTTP 302
    https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
accounts.rydoo.com/
Redirect Chain
  • http://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2dVYXJtLWNZIiwidiI6MSwicCI6IntcInVcIjozMDEwNzcxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2V4cGVuc...
  • https://track.rydoo.com/track/click/30107718/expense.rydoo.com?p=eyJzIjoiSU5PbjBoMFpzVnQwd1dzVm0tQ2dVYXJtLWNZIiwidiI6MSwicCI6IntcInVcIjozMDEwNzcxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2V4cGVu...
  • https://expense.rydoo.com/controler/expenses
  • https://expense.rydoo.com/login?ReturnUrl=%2fcontroler%2fexpenses
  • https://expense.rydoo.com/openid
  • https://accounts.rydoo.com/connect/authorize?client_id=secservice.xpd.manageweb&response_type=code+id_token&scope=openid+SecurityService&redirect_uri=https%3A%2F%2Fexpense.rydoo.com%2Fopenid&state=...
  • https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbad5839d15acc088fbac734f2524f20e615bfcab599c7693a36d615c97cff31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
accounts.rydoo.com
:scheme
https
:path
/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
__cfduid=da48aa64bbd01794f0f021faf5a466d5e1569502557; SignInMessage.7c12f35817ce81fc4fcdd7db5a637f76=AAEAABFumnA20jAqNx-ZICsodAQmvGQ7qOjHKJlnU-DWnxmk9qmVrE-ez1jBTBZXBPRLvFdhYaY7oltzE5ck0zEOz2iJGV5bwEx_Oi-o-zzGPvjnuJv10zMbqVrVExgBfJyHXstXL4lvbrE8zws8Bmok982cdIQQhbT7aQ5OQYfegMDTe-RsQnltydXpiolkqiCthtYe1ObZe-3_KJWvEka5JW1valALfMYRCYX36yoPFoKflgG_VJmuEUSjvriRNmcVHT73Sz2B4snsrOtnPeovL0DaqPHLGK-MflJ8_C0XfXiP33yPY4SKHbmf5W0EoZVtzWAmYrZ-vdo9K600OrM_hmHMc7s9xdcRXXipknQQ3eba9kD6pzedP3EaflBXXiUKYAABAAB7gObpIuwnmre4yYqV4Z_oiooupHNnYkFW9m8r0QRqE5aBHJ4Cw4JzOLQcYdML_GoeLZm5CRoeps8f85eQE-dlD2TQ8R2-Jf029yCVCL_nmMu-TmQ4AFU1mvRAtXoH4fG69frU_JxYzKCqFQTa3ULxrAz4emrsn0JN58cFJzmPkTunOaO81HlFXbnno-pRg71H1L1Yo4ADczfd_Vcn8ODIXWicMSPOninrMtkQDtSZshDFtdf22h1njBrXuQ1xSzFqyO3UztJv2tgQr-gAa3zDG-a9rbd0nB2Jq879efspYzjFx23cJPFdNNsiZUATheVFaReE59dcocFOaD-8iPimkAEAACNgUcmb69xIZAoX6205VuDBkCBH7zdbvYUcbHUVuzgopn2z-PDYeqvH-zn9d7SnC99fMiLUsUnu1oPojOnAXcmFbYtIULISGBaUwID8IIoCDMryzJeaPzVQdLrV_hhFsKag1SGZSJkBffKTYMhuG_XLUUsHbMunWYgiovydb7fGd_WM0Y8K7jnkXn5vunQBa8Nu9C4KedH_37Ay1V43H1NrGO3Y03xPiBqWWEDWJmRY6Qp6ZFy1doSM-nwIrhwrmpV1B3tJQnHNU6--V_MIm31jzeP_S9i_v6Eh5e4Zn--5tR7_HizQ3eJ0m2VDP2wQ35UCGfTN78lWnYM5T3G0lx6ydBqdJWYDQT6vYti4AoRVzZEDLbHb5AFvBkEpGbNkWRivhQk0PdU0bc0n6fX6o1svPU1YXvFxtFEbTZumGTqyuSyYpzsZOAkmXDGRC3hUjA0btsPAUzQfmBs0uIfsAAVeTTetJoDJJuLyUiX_1F2V5CPcP6G8z37NiIkczlPmXIubBOIFANv_q6VyZozPK30; __cflb=1263976047
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 26 Sep 2019 12:55:58 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, max-age=0, private
pragma
no-cache
vary
Accept-Encoding
set-cookie
idsrv.xsrf=AAEAADZmNq33FLBZ-zZqRVvj2zLVwpBUeI2nY_mlWyYN2qLwrnUvSSYLl0wiw_SuNRiNXdSacAUZHJ615NKXOn1loVSF5ooRpi0VUf6VAprqgClZ4u0GD1_2kLha9x6Q5xn62hV-DwhiJ-gMo5CJZL1p53wl-tIwxEHXV6oFa24wL7vYZVvM9tLV_-f8ZrmySm228whtFZSi37TIcLB_x1Li9t6ArWbSzy8rv65RMFUmY3DhIbD_jZh-L6RgUhl8CmpvRU2MI33pMpf8KsDs57N0efLx9gvPpGrSBDqdjp3XHCpqRQQEbBA8LvZk-rTg0AVZf1nBKNGp8ATOwat372u8ytTMc7s9xdcRXXipknQQ3eba9kD6pzedP3EaflBXXiUKYAABAACk7Sk3rhnmLSneVkRF3zE-nvuWvNwHsU9H8FE1biUWwwsPSvAuJOuwMGc90HNzPTpOzqtbCxIbcEqjtCrFk-dLErsgr0zljWlBQfW0b7lBTNHETKf1NMQ_gHf8LeyLbGIO2sfQPPMyN6laNuA68oO6-T49K-K-xWQFx6Igz5MuFy39XZgVlOw4u4sam8PCcBHnMSycWVLP7AUmPKfBRtUdqqZdVdAO9z_OOezcLyDxMhM2OxSm-CFL5C6mKH20lrk_XYRRgYBbOiTCS_1L1EpugUUnbVvLw62D2kfYuTrmFcATlcNSlMAZP6Mn9FKGJC52-A5kQ_jrjXGr5We6kWcWIAAAAHCuJ3rKYXfKJJkH_hL6-5RjmKpjIBPZ_rU97ZsqhV7M; path=/; secure; HttpOnly Styling=rydoo; path=/ ClientType=0; path=/ __RequestVerificationToken=KxCl44bYALdNWhMMwJ55U9pXcmY88GkqTqy2nwLkM2Fkze4-YH9PYE1ofy07IKE90NCQ4nZgMDSsVokToy8GvsbeM_E1; path=/; HttpOnly idsrv.xsrf=AAEAADZmNq33FLBZ-zZqRVvj2zLVwpBUeI2nY_mlWyYN2qLwrnUvSSYLl0wiw_SuNRiNXdSacAUZHJ615NKXOn1loVSF5ooRpi0VUf6VAprqgClZ4u0GD1_2kLha9x6Q5xn62hV-DwhiJ-gMo5CJZL1p53wl-tIwxEHXV6oFa24wL7vYZVvM9tLV_-f8ZrmySm228whtFZSi37TIcLB_x1Li9t6ArWbSzy8rv65RMFUmY3DhIbD_jZh-L6RgUhl8CmpvRU2MI33pMpf8KsDs57N0efLx9gvPpGrSBDqdjp3XHCpqRQQEbBA8LvZk-rTg0AVZf1nBKNGp8ATOwat372u8ytTMc7s9xdcRXXipknQQ3eba9kD6pzedP3EaflBXXiUKYAABAACk7Sk3rhnmLSneVkRF3zE-nvuWvNwHsU9H8FE1biUWwwsPSvAuJOuwMGc90HNzPTpOzqtbCxIbcEqjtCrFk-dLErsgr0zljWlBQfW0b7lBTNHETKf1NMQ_gHf8LeyLbGIO2sfQPPMyN6laNuA68oO6-T49K-K-xWQFx6Igz5MuFy39XZgVlOw4u4sam8PCcBHnMSycWVLP7AUmPKfBRtUdqqZdVdAO9z_OOezcLyDxMhM2OxSm-CFL5C6mKH20lrk_XYRRgYBbOiTCS_1L1EpugUUnbVvLw62D2kfYuTrmFcATlcNSlMAZP6Mn9FKGJC52-A5kQ_jrjXGr5We6kWcWIAAAAHCuJ3rKYXfKJJkH_hL6-5RjmKpjIBPZ_rU97ZsqhV7M; path=/; secure; HttpOnly Styling=rydoo; path=/ ClientType=0; path=/
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51c5652b0a3c8cc2-VIE
content-encoding
br

Redirect headers

status
302
date
Thu, 26 Sep 2019 12:55:57 GMT
content-length
0
location
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
set-cookie
SignInMessage.7c12f35817ce81fc4fcdd7db5a637f76=AAEAABFumnA20jAqNx-ZICsodAQmvGQ7qOjHKJlnU-DWnxmk9qmVrE-ez1jBTBZXBPRLvFdhYaY7oltzE5ck0zEOz2iJGV5bwEx_Oi-o-zzGPvjnuJv10zMbqVrVExgBfJyHXstXL4lvbrE8zws8Bmok982cdIQQhbT7aQ5OQYfegMDTe-RsQnltydXpiolkqiCthtYe1ObZe-3_KJWvEka5JW1valALfMYRCYX36yoPFoKflgG_VJmuEUSjvriRNmcVHT73Sz2B4snsrOtnPeovL0DaqPHLGK-MflJ8_C0XfXiP33yPY4SKHbmf5W0EoZVtzWAmYrZ-vdo9K600OrM_hmHMc7s9xdcRXXipknQQ3eba9kD6pzedP3EaflBXXiUKYAABAAB7gObpIuwnmre4yYqV4Z_oiooupHNnYkFW9m8r0QRqE5aBHJ4Cw4JzOLQcYdML_GoeLZm5CRoeps8f85eQE-dlD2TQ8R2-Jf029yCVCL_nmMu-TmQ4AFU1mvRAtXoH4fG69frU_JxYzKCqFQTa3ULxrAz4emrsn0JN58cFJzmPkTunOaO81HlFXbnno-pRg71H1L1Yo4ADczfd_Vcn8ODIXWicMSPOninrMtkQDtSZshDFtdf22h1njBrXuQ1xSzFqyO3UztJv2tgQr-gAa3zDG-a9rbd0nB2Jq879efspYzjFx23cJPFdNNsiZUATheVFaReE59dcocFOaD-8iPimkAEAACNgUcmb69xIZAoX6205VuDBkCBH7zdbvYUcbHUVuzgopn2z-PDYeqvH-zn9d7SnC99fMiLUsUnu1oPojOnAXcmFbYtIULISGBaUwID8IIoCDMryzJeaPzVQdLrV_hhFsKag1SGZSJkBffKTYMhuG_XLUUsHbMunWYgiovydb7fGd_WM0Y8K7jnkXn5vunQBa8Nu9C4KedH_37Ay1V43H1NrGO3Y03xPiBqWWEDWJmRY6Qp6ZFy1doSM-nwIrhwrmpV1B3tJQnHNU6--V_MIm31jzeP_S9i_v6Eh5e4Zn--5tR7_HizQ3eJ0m2VDP2wQ35UCGfTN78lWnYM5T3G0lx6ydBqdJWYDQT6vYti4AoRVzZEDLbHb5AFvBkEpGbNkWRivhQk0PdU0bc0n6fX6o1svPU1YXvFxtFEbTZumGTqyuSyYpzsZOAkmXDGRC3hUjA0btsPAUzQfmBs0uIfsAAVeTTetJoDJJuLyUiX_1F2V5CPcP6G8z37NiIkczlPmXIubBOIFANv_q6VyZozPK30; path=/; secure; HttpOnly __cflb=1263976047; Secure; path=/; expires=Fri, 27-Sep-19 11:55:57 GMT; HttpOnly
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51c5652a29a78cc2-VIE
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
bundle_rydoo
accounts.rydoo.com/Content/ 		161 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
643123ae58c863929e8b66c3786873dbea7181fe3b2e226c42dc1afeeb628810
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
br
cf-cache-status
HIT
age
1208267
cf-polished
origSize=165879
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Thu, 12 Sep 2019 13:18:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
51c5652bbad48cc2-VIE
expires
Fri, 25 Sep 2020 12:55:58 GMT
app_bundle
accounts.rydoo.com/Scripts/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/Scripts/app_bundle?v=_WWv9hWowqfFpBUD3RaGVfKz0SI-9Sx8G82ISiG7E6k1
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4ff5b2bd97f14ad4e5dae71f30b1c68eba7cfaea17acd3405b9bebd0724f0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
br
cf-cache-status
HIT
age
1063306
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Fri, 06 Sep 2019 04:54:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
51c5652bbad58cc2-VIE
expires
Fri, 25 Sep 2020 12:55:58 GMT
login
accounts.rydoo.com/Scripts/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/Scripts/login?v=Nqdp3IPATp4hNs4BMZyx3oE_RWJBK_6o716zg75MoI81
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ee889cd8977cd230255ecebb4b1f93cb9d5a424b967f7f6fae8b8139596dfd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
br
cf-cache-status
HIT
age
719009
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Wed, 18 Sep 2019 05:05:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
51c5652bbad68cc2-VIE
expires
Fri, 25 Sep 2020 12:55:58 GMT
arrow-right.svg
accounts.rydoo.com/Content/img/ 		978 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.rydoo.com/Content/img/arrow-right.svg
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ee3c7c0c79df95be970c0ffa393433976020d11de9572f95182936df9e5244
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
server
cloudflare
etag
W/"95edb2cf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
51c5652bbad78cc2-VIE
expires
Sun, 27 Oct 2019 12:55:58 GMT
css
fonts.googleapis.com/ 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Sep 2019 12:55:58 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 26 Sep 2019 12:55:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 26 Sep 2019 12:55:58 GMT
logo.svg
accounts.rydoo.com/Content/img/Rydoo/ 		1 KB
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.rydoo.com/Content/img/Rydoo/logo.svg
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
333c605da805138b5fc6dab8bbf12ec7f712515f2eedafc81570cfcb96740488
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
24816
status
200
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
server
cloudflare
etag
W/"3063a9cf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
public, max-age=2678400
cf-ray
51c5652c3b3d8cc2-VIE
expires
Sun, 27 Oct 2019 12:55:58 GMT
352B80_A_0.woff2
accounts.rydoo.com/Content/assets/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/Content/assets/fonts/352B80_A_0.woff2
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
484d72eda413dd2d437d4ef083891285427a8f8c0882d0b56455516b9cd02de7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
Origin
https://accounts.rydoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
cf-cache-status
HIT
age
24715
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
42035
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
server
cloudflare
etag
"253ca2cf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://accounts.rydoo.com
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
51c5652c3b488cc2-VIE
expires
Sun, 27 Oct 2019 12:55:58 GMT
logo-google.png
accounts.rydoo.com/Content/img/ 		632 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.rydoo.com/Content/img/logo-google.png
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
285b107ff89d43a558d4d6c6046179804720fd427b7a10fd014d8b2ad678b494
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
vary
Accept
cf-cache-status
HIT
age
24715
cf-polished
origFmt=png, origSize=808
status
200
content-disposition
inline; filename="logo-google.webp"
content-length
632
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
server
cloudflare
etag
"95edb2cf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
expires
Sun, 27 Oct 2019 12:55:58 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
51c5652c4b508cc2-VIE
cf-bgj
imgq:85
Illustration.png
accounts.rydoo.com/Content/img/Rydoo/ 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.rydoo.com/Content/img/Rydoo/Illustration.png
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac86547c20002ab34fb3f30b490a3334f12751208bc2ad043c9ccc4bb89bb72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
cf-cache-status
HIT
age
24816
cf-polished
status=not_needed
status
200
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
297114
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
cf-bgj
imgq:85
server
cloudflare
etag
"3063a9cf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
51c5652c4b518cc2-VIE
expires
Sun, 27 Oct 2019 12:55:58 GMT
352B80_2_0.woff2
accounts.rydoo.com/Content/assets/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.rydoo.com/Content/assets/fonts/352B80_2_0.woff2
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dcea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed9b39f4c6340d136044e4503c302b6054a4e86a091050c36abaff4710166f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://accounts.rydoo.com/Content/bundle_rydoo?v=czh_ltmDNBOZI4yM4fsI3tzK61hFAx6oHj6sdzIB67I1
Origin
https://accounts.rydoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
cf-cache-status
HIT
age
24715
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
41974
request-context
appId=cid-v1:5849bf13-4867-4e1e-804c-e02f1a7ce2e8
last-modified
Tue, 17 Sep 2019 06:47:45 GMT
server
cloudflare
etag
"13fd9ccf236dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://accounts.rydoo.com
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
51c5652c4b548cc2-VIE
expires
Sun, 27 Oct 2019 12:55:58 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: accounts.rydoo.com
URL: https://accounts.rydoo.com/login?signin=7c12f35817ce81fc4fcdd7db5a637f76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://accounts.rydoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 12:55:58 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| setValidationOnChange function| validateFieldWithoutRule function| validateRequiredField function| validateField function| showError function| hideError function| showLoadingFor function| hideLoadingFor function| HandleError function| getCookies object| StatusCode function| $ function| jQuery boolean| isXpenditure string| registerActionUrl string| userId function| onEnterKey function| moveNext function| submitForm function| submitFormHandler function| getLoginFlowByUserId function| next function| setLoginFlow function| getProviderUrl function| reverseStep function| showUserNameStep function| showPasswordStep function| showVerifyEmailStep function| showAccountsStep function| appendCompanies function| isFormValid function| isUsernameValid function| isEmailValid function| validateEmail function| isPasswordValid function| disableInput function| enableInput function| atttachAccountSelectHandler function| denyActionsReadOnlyInputs function| showWarning string| $logonStep undefined| $logonFlowNormal boolean| $hasMultipleAccounts boolean| submitted boolean| loginFlowCalled

6 Cookies

Domain/Path Name / Value
accounts.rydoo.com/ Name: __cflb
Value: 1582354050
accounts.rydoo.com/ Name: ClientType
Value: 0
accounts.rydoo.com/ Name: Styling
Value: rydoo
.rydoo.com/ Name: __cfduid
Value: d218a225ae3bc0f46e8534b3c6e9f95ad1569502558
accounts.rydoo.com/ Name: __RequestVerificationToken
Value: KxCl44bYALdNWhMMwJ55U9pXcmY88GkqTqy2nwLkM2Fkze4-YH9PYE1ofy07IKE90NCQ4nZgMDSsVokToy8GvsbeM_E1
accounts.rydoo.com/ Name: idsrv.xsrf
Value: AAEAADZmNq33FLBZ-zZqRVvj2zLVwpBUeI2nY_mlWyYN2qLwrnUvSSYLl0wiw_SuNRiNXdSacAUZHJ615NKXOn1loVSF5ooRpi0VUf6VAprqgClZ4u0GD1_2kLha9x6Q5xn62hV-DwhiJ-gMo5CJZL1p53wl-tIwxEHXV6oFa24wL7vYZVvM9tLV_-f8ZrmySm228whtFZSi37TIcLB_x1Li9t6ArWbSzy8rv65RMFUmY3DhIbD_jZh-L6RgUhl8CmpvRU2MI33pMpf8KsDs57N0efLx9gvPpGrSBDqdjp3XHCpqRQQEbBA8LvZk-rTg0AVZf1nBKNGp8ATOwat372u8ytTMc7s9xdcRXXipknQQ3eba9kD6pzedP3EaflBXXiUKYAABAACk7Sk3rhnmLSneVkRF3zE-nvuWvNwHsU9H8FE1biUWwwsPSvAuJOuwMGc90HNzPTpOzqtbCxIbcEqjtCrFk-dLErsgr0zljWlBQfW0b7lBTNHETKf1NMQ_gHf8LeyLbGIO2sfQPPMyN6laNuA68oO6-T49K-K-xWQFx6Igz5MuFy39XZgVlOw4u4sam8PCcBHnMSycWVLP7AUmPKfBRtUdqqZdVdAO9z_OOezcLyDxMhM2OxSm-CFL5C6mKH20lrk_XYRRgYBbOiTCS_1L1EpugUUnbVvLw62D2kfYuTrmFcATlcNSlMAZP6Mn9FKGJC52-A5kQ_jrjXGr5We6kWcWIAAAAHCuJ3rKYXfKJJkH_hL6-5RjmKpjIBPZ_rU97ZsqhV7M

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN