Submitted URL: https://demo2.cloudwp.dev/trial-60w59y4t/
Effective URL: https://demo2.cloudwp.dev/inactive.htm
Submission: On January 26 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 151.139.128.11, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is demo2.cloudwp.dev.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 19th 2019. Valid for: 2 years.
This is the only time demo2.cloudwp.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS Autonomous System
1          7         151.139.128.11     20446 (HIGHWINDS3)
           2         2a00:1450:400...   15169 (GOOGLE)
Total: 8 requests, 2 IPs

Requests  Apex Domain / Subdomains   Transfer
7         cloudwp.dev                20 KB
            demo2.cloudwp.dev
2         gstatic.com                41 KB
            fonts.gstatic.com
Total: 8 requests, 2 apex domains

Requests  Domain                           Requested by
7         demo2.cloudwp.dev (1 redirects)  demo2.cloudwp.dev
2         fonts.gstatic.com                demo2.cloudwp.dev
Total: 8 requests, 2 domains

This site contains links to these domains:

Domain
www.boldgrid.com

Subject         Issuer                                           Validity                  Valid
*.cloudwp.dev   Sectigo RSA Domain Validation Secure Server CA   2019-03-19 - 2021-03-18   2 years
*.gstatic.com   GTS CA 1O1                                       2021-01-05 - 2021-03-30   3 months

This page contains 2 frames:

Primary Page: https://demo2.cloudwp.dev/inactive.htm
Frame ID: 31F9B47E939EE06FE3880AC2FAEB241A
Requests: 6 HTTP requests in this frame

Frame: https://demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
Frame ID: 9B7885BC325426C1DC0EF430DA2473D8
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /fbs/i

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 60 kB
Size: 85 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://demo2.cloudwp.dev/trial-60w59y4t/ HTTP 301
    https://demo2.cloudwp.dev/inactive.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request inactive.htm
demo2.cloudwp.dev/
Redirect Chain
  • https://demo2.cloudwp.dev/trial-60w59y4t/
  • https://demo2.cloudwp.dev/inactive.htm
12 KB
5 KB
Document
General
Full URL
https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
f454f4ae430366553f53bc38a0f691f13194cb31cadef30b7acb9e7bc120590d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
demo2.cloudwp.dev
:scheme
https
:path
/inactive.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=957265be01091e7de8011f1c71a54a40; SPSE=mvd7tHcZ0xHnj6R8KAoIG9bh47LJFpwuEwP6wwko1t1MDSwfyewNeiAEghKUTKrAN9PwwoaTOXQGnH/K3/9Q1w==; spcsrf=75acab2d8ddab8dffd8a942a2819c392; UTGv2=D-h4e27fae39475956396a3b4726f55c7d8826
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 14:38:23 GMT
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
last-modified
Thu, 01 Feb 2018 16:30:36 GMT
set-cookie
spcsrf=98c47549e20ad4b197957a6f8d10fc01; path=/; SameSite=Strict; HttpOnly; expires=Tue, 26-Jan-21 16:38:22 GMT
UTGv2=D-h478964c8d86c340c848631b1064b8af5522; path=/; expires=Wed, 26-Jan-22 14:38:22 GMT
sp_lit=/ucEZcacqhLVEEx3gbUBMA==; path=/; SameSite=Strict; HttpOnly; expires=Tue, 26-Jan-21 14:43:23 GMT
vary
Accept-Encoding
x-proxy-cache
MISS
x-robots-tag
noindex, nofollow, noarchive, nosnippet
strict-transport-security
max-age=31536000; includeSubDomains
server
fbs
link
<https://demo2.cloudwp.dev/inactive.htm>; rel="canonical"
x-hw
1611671902.cds013.fr8.hn,1611671902.cds131.fr8.sc,1611671903.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1611671903.cds131.fr8.p
access-control-allow-origin
*

Redirect headers

date
Tue, 26 Jan 2021 14:38:22 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=iso-8859-1
set-cookie
SPSI=957265be01091e7de8011f1c71a54a40; path=/; HttpOnly;
SPSE=mvd7tHcZ0xHnj6R8KAoIG9bh47LJFpwuEwP6wwko1t1MDSwfyewNeiAEghKUTKrAN9PwwoaTOXQGnH/K3/9Q1w==; path=/; HttpOnly;
spcsrf=75acab2d8ddab8dffd8a942a2819c392; path=/; SameSite=Strict; HttpOnly; expires=Tue, 26-Jan-21 16:38:22 GMT
adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h4e27fae39475956396a3b4726f55c7d8826; path=/; expires=Wed, 26-Jan-22 14:38:22 GMT
pragma
no-cache
expires
Sun, 20 Apr 1975 05:05:00 GMT
location
https://demo2.cloudwp.dev/inactive.htm
x-proxy-cache
MISS
x-robots-tag
noindex, nofollow, noarchive, nosnippet
strict-transport-security
max-age=31536000; includeSubDomains
server
fbs
link
<https://demo2.cloudwp.dev/trial-60w59y4t/>; rel="canonical"
x-hw
1611671902.cds013.fr8.hn,1611671902.cds151.fr8.sc,1611671902.cdn2-redis01-fra1.stackpath.systems.-.wx,1611671902.cds151.fr8.p
access-control-allow-origin
*
boldgrid-logo-vertical-black.svg
demo2.cloudwp.dev/images/
4 KB
2 KB
Image
General
Full URL
https://demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b38980a3f9f0116e7039b450aa5ed8a501a20175b8e49dcd651b7eeeb86ce0e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://demo2.cloudwp.dev/inactive.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 14:38:24 GMT
content-encoding
gzip
last-modified
Fri, 02 Dec 2016 20:50:58 GMT
server
fbs
etag
"1480711858"
strict-transport-security
max-age=31536000; includeSubDomains
x-hw
1611671903.cds013.fr8.hn,1611671903.cds270.fr8.sc,1611671904.cds270.fr8.pr
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
link
<https://demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg>; rel="canonical"
content-length
1806
x-proxy-cache
MISS
no-grid.svg
demo2.cloudwp.dev/images/
3 KB
926 B
Image
General
Full URL
https://demo2.cloudwp.dev/images/no-grid.svg
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
31962ec4cf9147ff0d0f4bb850eff4052cc287fabaac8fe166acb38483055955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://demo2.cloudwp.dev/inactive.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 14:38:24 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2016 20:49:18 GMT
server
fbs
etag
"1480970958"
strict-transport-security
max-age=31536000; includeSubDomains
x-hw
1611671903.cds013.fr8.hn,1611671903.cds010.fr8.sc,1611671904.cds010.fr8.pr
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
link
<https://demo2.cloudwp.dev/images/no-grid.svg>; rel="canonical"
content-length
748
x-proxy-cache
MISS
/
demo2.cloudwp.dev/sbbi/ Frame 9B78
25 KB
11 KB
Document
General
Full URL
https://demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
97e64bbacb27f83e266a1e116f67bf3fdd93cd9d5d195c015820177e4ca6841c

Request headers

:method
GET
:authority
demo2.cloudwp.dev
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://demo2.cloudwp.dev/inactive.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=957265be01091e7de8011f1c71a54a40; SPSE=mvd7tHcZ0xHnj6R8KAoIG9bh47LJFpwuEwP6wwko1t1MDSwfyewNeiAEghKUTKrAN9PwwoaTOXQGnH/K3/9Q1w==; spcsrf=98c47549e20ad4b197957a6f8d10fc01; sp_lit=/ucEZcacqhLVEEx3gbUBMA==; PRLST=cx; UTGv2=h478964c8d86c340c848631b1064b8af5522
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://demo2.cloudwp.dev/inactive.htm

Response headers

date
Tue, 26 Jan 2021 14:38:23 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
link
<https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
x-hw
1611671903.cds013.fr8.hn,1611671903.cds004.fr8.sc,1611671903.cdn2-redis01-fra1.stackpath.systems.-.i,1611671903.cds004.fr8.p
access-control-allow-origin
*
/
demo2.cloudwp.dev/sbbi/
43 B
292 B
Image
General
Full URL
https://demo2.cloudwp.dev/sbbi/?sbbpg=utMedia&vii=9h5477286956b4ec081d08961ce374d0ec88041816f311cb7110a6544ba84a0fu5r5k2w2
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://demo2.cloudwp.dev/inactive.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 26 Jan 2021 14:38:23 GMT
server
fbs
x-hw
1611671903.cds013.fr8.hn,1611671903.cds265.fr8.sc,1611671903.cdn2-redis02-fra1.stackpath.systems.-.i,1611671903.cds265.fr8.p
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
link
<https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2
fonts.gstatic.com/s/josefinsans/v9/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70716a99384f70e8f55280615bf0ddf84d17c5561769e1671ee736bda8c2796a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://demo2.cloudwp.dev
Referer
https://demo2.cloudwp.dev/inactive.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 18:42:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Oct 2014 20:36:34 GMT
server
sffe
age
71773
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22244
x-xss-protection
0
expires
Tue, 25 Jan 2022 18:42:10 GMT
-A4eIjQkAwKL411pgtQ4VA.woff2
fonts.gstatic.com/s/exo2/v3/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2
Requested by
Host: demo2.cloudwp.dev
URL: https://demo2.cloudwp.dev/inactive.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25706f2aee8b387e4ce26b4cbcf4a6b79d385c1415f21baa41706fc7ed4520ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://demo2.cloudwp.dev
Referer
https://demo2.cloudwp.dev/inactive.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 12:26:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Aug 2014 15:24:19 GMT
server
sffe
age
94296
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19516
x-xss-protection
0
expires
Tue, 25 Jan 2022 12:26:47 GMT
/
demo2.cloudwp.dev/sbbi/ Frame 9B78
426 B
562 B
Document
General
Full URL
https://demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
8baa9ba17e5f5844e1d59c4c2b0760b012c1d1c91f9c50da7b405700ca057fb9

Request headers

:method
POST
:authority
demo2.cloudwp.dev
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
content-length
665
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://demo2.cloudwp.dev
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://demo2.cloudwp.dev
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=cx&sbbgs=h478964c8d86c340c848631b1064b8af5522&ddl=2

Response headers

date
Tue, 26 Jan 2021 14:38:25 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
set-cookie
SPSI=bab67c7e26f05e86575aae301564e7fa; path=/; HttpOnly;
SPSE=UmcQFcG+XyTL9jKcyVZ7D6CVi9YJWijViS/Oz6d7XccBBPTv7wqMsSNWfdPvQTe5soQ1l4i1RhF8TloHon7XVg==; path=/; HttpOnly;
server
fbs
x-accel-expires
0
link
<https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
x-hw
1611671905.cds013.fr8.hn,1611671905.cds207.fr8.sc,1611671905.cdn2-redis01-fra1.stackpath.systems.-.i,1611671905.cds207.fr8.p
access-control-allow-origin
*

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • string| sbbvscc
  • string| sbbgscc
  • function| genPid
  • function| nsbbfetch
  • function| sbbgc
  • function| addmg
  • function| addprid
  • function| sbbeccf
  • function| m2vr
  • function| sbbls
  • string| y
  • string| x
  • string| gprid
  • object| sbbeccfi
  • string| sbbgs
  • number| lX
  • number| lY
  • string| csr
  • object| otr
  • object| cnv
  • string| lk__
  • function| setUGEvals
  • number| tt
  • number| sbbtstflgsbbhbka
  • boolean| sbbhbka
  • boolean| sbrmp

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains