Submitted URL: https://ablinks.email.venmo.com/ls/click?upn=JRNwBusW0pTpqOMAe0jZei0wrIXUHbiduFzYf51-2FXg45QAs4O-2BQeFXDy-2FSuPmSDnyG7NMt1Ob0GTq...
Effective URL: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Submission Tags: falconsandbox
Submission: On June 01 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 23.67.137.43, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.synchronycredit.com. The Cisco Umbrella rank of the primary domain is 106564.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 25th 2023. Valid for: a year.
This is the only time www.synchronycredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.99.5 16509 (AMAZON-02)
7 23.67.137.43 16625 (AKAMAI-AS)
7 2
Apex Domain: 7 synchronycredit.com
Subdomains: www.synchronycredit.com — Cisco Umbrella Rank: 106564
Transfer: 98 KB

Apex Domain: 1 venmo.com
Subdomains: ablinks.email.venmo.com — Cisco Umbrella Rank: 98181
Transfer: 482 B
7 2
Domain Requested by
7 www.synchronycredit.com www.synchronycredit.com
1 ablinks.email.venmo.com 1 redirects
7 2

This site contains no links.

Subject: www.synchronycredit.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity: 2023-05-25 - 2024-05-26
Valid: a year

This page contains 1 frames:

Primary Page: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Frame ID: 20BB2FCFB2543C14687CAA134AE7630A
Requests: 9 HTTP requests in this frame

Page Title

WF5928555Q VENMO REWARDS TERMS HTML

Page URL History

  1. https://ablinks.email.venmo.com/ls/click?upn=JRNwBusW0pTpqOMAe0jZei0wrIXUHbiduFzYf51-2FXg45QAs4O-2BQeFXDy-2F... HTTP 302
    https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd Page URL

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 98 kB
Size: 266 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ablinks.email.venmo.com/ls/click?upn=JRNwBusW0pTpqOMAe0jZei0wrIXUHbiduFzYf51-2FXg45QAs4O-2BQeFXDy-2FSuPmSDnyG7NMt1Ob0GTqsptbYoCpNcAbA7EJYxSUu0nRwLz6NpnP-2BUSlacFPOZzJ-2B-2FCKFRzb8sy_ZfyZbs9E4ak-2Fvf3lURy3OQ-2BZjFgwKi1pRQCU1lUjoaEbTD3oqpTzhs-2BbbaXftQ1fvMERZrWuqlqW4gYaruIBJLorgBHRDdPSq-2F-2BBY1Wa5hPAKtUBL-2BCFSpZ9X3Zcai6dcl01bquOnrcvFqh-2FHVu1uKeRE3AaEJI8QAJgZ9ZYFiaLryhO1JYo8EbkehVB-2FEgqQZjMCatJKBCjluONTbZV7h87AI2BtnVK6hiUUOl-2BvMWoo1KaqL-2BPymgiHpG7dB6nElkgaiSP5vsxUravTAmamvFael5f8wEBNZyPtzXANoEJ1rTGr8ti2FQ7m17SGmAacJOUbde6KPw1PqZ-2FP0p4UjCyrEUurxDFF4eyrIhZse2HuhTI86etmOoANFQntZtMgtsD8iL4AojVxXjvHtCymlZ8OjYjRB2LFD1J5xj-2FlYernDV-2FCMqoYRdq0tQLBOrpOH92HQeJoHpB8Q5TtebplWk3aCdtqZwxZ-2FNB0iMIDPi4bfRM-2Fy7wDtKk1xEu61Qz-2Fjdyq-2B-2BVimY6-2FRcLZXUsp7pvHrICMhM4-2BmL-2BMLy0YOhc8FMZvrA3jZ9zKo4hXNsOGTxHcSOpTqd7mN-2BkAh2gPdcGq2oHiBcYaU1M36gfBgQyubQMLittbQLGGWsGDlSu-2FdjpcIE0niFeEKPltr5fcpQaqNfHDXn8A0hOTn-2FEB1g-3D HTTP 302
    https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: RewardsTerms.htm (Primary Request)
Path: www.synchronycredit.com/gecrbterms/html/
Redirect Chain
  • https://ablinks.email.venmo.com/ls/click?upn=JRNwBusW0pTpqOMAe0jZei0wrIXUHbiduFzYf51-2FXg45QAs4O-2BQeFXDy-2FSuPmSDnyG7NMt1Ob0GTqsptbYoCpNcAbA7EJYxSUu0nRwLz6NpnP-2BUSlacFPOZzJ-2B-2FCKFRzb8sy_ZfyZbs9...
  • https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Size: 34 KB
x-fer: 12 KB
Type: Document
General
Full URL: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c88b7ce46c53d27ceb50626eed970ee7f0c81d87068cad1112c5b61a5fca4143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9765
Content-Type: text/html
Date: Thu, 01 Jun 2023 00:02:30 GMT
ETag: "640f4a18-8739"
Last-Modified: Mon, 13 Mar 2023 16:06:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Akamai-Transformed: 9 34617 0 pmb=mTOE,3
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 00:02:30 GMT
Location: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Server: nginx
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 2nyObp9igP3QvQSmDnVQgg4ZnUGlfjn3EisX0CLQSIHFOz3ZS6d0Dw==
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
X-Robots-Tag: noindex, nofollow

Resource: 36f53ffd
Path: www.synchronycredit.com/akam/13/
Size: 26 KB
x-fer: 10 KB
Type: Script
General
Full URL: https://www.synchronycredit.com/akam/13/36f53ffd
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34db3f0b35d259273278ec1c103501147fa28cdb71221f3c4e1be5ae6f05a604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 00:02:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 15:10:34 GMT
ETag: "baeee7dac0c26cdc6bdf12d4935fa604c29c29ad9b3c60c7d04ee76a0e49dd12"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 8798
Expires: Thu, 01 Jun 2023 00:02:30 GMT

Resource: FhV7fVk
Path: www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/
Size: 196 KB
x-fer: 73 KB
Type: Script
General
Full URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 00:02:30 GMT
Content-Encoding: br
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Content-Length: 73255
Expires: Wed, 28 Jun 2023 20:50:45 GMT

Resource: FhV7fVk
Path: www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/
Size: 18 B
x-fer: 982 B
Type: XHR
General
Full URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Jun 2023 00:02:31 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.synchronycredit.com
Access-Control-Allow-Credentials: true
x_req_id: 60456fc8-c9c5-4fbf-a034-25b3bc96af9f
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

Resource: truncated
Path: /
Size: 9 KB
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

Resource: truncated
Path: /
Size: 157 B
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

Resource: FhV7fVk
Path: www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/
Size: 18 B
x-fer: 960 B
Type: XHR
General
Full URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Jun 2023 00:02:31 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.synchronycredit.com
Access-Control-Allow-Credentials: true
x_req_id: f4840142-e27d-4d92-9766-ba5b05268646
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

Resource: pixel_36f53ffd
Path: www.synchronycredit.com/akam/13/
Size: 0
x-fer: 818 B
Type: XHR
General
Full URL: https://www.synchronycredit.com/akam/13/pixel_36f53ffd
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/akam/13/36f53ffd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 01 Jun 2023 00:02:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

Resource: FhV7fVk
Path: www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/
Size: 18 B
x-fer: 956 B
Type: XHR
General
Full URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Requested by
Host: www.synchronycredit.com
URL: https://www.synchronycredit.com/wGujcB7sVaqBX/fxQgnd/YzwREXEc/DiEcb4LXkN/UmhvDi0VAQM/bDVn/FhV7fVk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://www.synchronycredit.com/gecrbterms/html/RewardsTerms.htm?lid=pgduj0o0qgfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Jun 2023 00:02:32 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.synchronycredit.com
Access-Control-Allow-Credentials: true
x_req_id: b20bfd97-8ebc-4755-93bf-dcdcc2526b76
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
string| bazadebezolkohpepadr
function| getUrlParameter
object| printButton
object| _cf
object| bmak
string| _sdTrace
string| urhehlevkedkilrobacf

4 Cookies

Domain/Path Name
www.synchronycredit.com/ Name: VDSIGCDB
.synchronycredit.com/ Name: bm_sz
.synchronycredit.com/ Name: ak_bmsc
.synchronycredit.com/ Name: _abck

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block