urlscan.io logo urlscan.io
SecurityTrails logo

survey.zohopublic.com Open in urlscan Pro
136.143.190.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sender14.zohoinsights.com/ck/2d6f.327230a/d20e00b0-5df0-11ec-a95a-525400e3c1b1/7de6d07ee89bfaaa98609a2356275b1f1b2c0c31/1?...
Effective URL: https://survey.zohopublic.com/zs/R0BUAG
Submission: On December 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 9 HTTP transactions. The main IP is 136.143.190.97, located in United States and belongs to ZOHO-AS, US. The main domain is survey.zohopublic.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 4th 2020. Valid for: 2 years.
This is the only time survey.zohopublic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.141.42.89 2639 (ZOHO-AS)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 136.143.190.97 2639 (ZOHO-AS)
1 136.143.191.104 2639 (ZOHO-AS)
1 136.143.190.123 2639 (ZOHO-AS)
1 204.141.32.123 2639 (ZOHO-AS)
1 185.20.209.147 41913 (COMPUTERL...)
9 5
1    204.141.42.89 (United States)

ASN2639 (ZOHO-AS, US)
sender14.zohoinsights.com
1    2606:4700:10::6816:1588 (United States)

ASN13335 (CLOUDFLARENET, US)
pinsight.com
1    2606:4700:10::6816:1488 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pinsight.com
5    136.143.190.97 (United States)

ASN2639 (ZOHO-AS, US)
survey.zohopublic.com
1    136.143.191.104 (United States)

ASN2639 (ZOHO-AS, US)
webfonts.zoho.com
1    136.143.190.123 (United States)

ASN2639 (ZOHO-AS, US)
css5.zohostatic.com
1    204.141.32.123 (United States)

ASN2639 (ZOHO-AS, US)
js5.zohostatic.com
1    185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
static.zohocdn.com
Domain Requested by
5 survey.zohopublic.com survey.zohopublic.com
1 static.zohocdn.com webfonts.zoho.com
1 js5.zohostatic.com survey.zohopublic.com
1 css5.zohostatic.com survey.zohopublic.com
1 webfonts.zoho.com survey.zohopublic.com
1 www.pinsight.com 1 redirects
1 pinsight.com 1 redirects
1 sender14.zohoinsights.com 1 redirects
9 8

This site contains links to these domains. Also see Links.

Domain
www.pinsight.com
help.zoho.com
Subject Issuer Validity Valid
*.zohopublic.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-04 -
2022-03-04		 2 years crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-14 -
2022-05-14		 a year crt.sh
*.zohostatic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-14 -
2022-05-14		 a year crt.sh
*.zohocdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-30 -
2022-09-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://survey.zohopublic.com/zs/R0BUAG
Frame ID: DCB845FEB1288D098C476DDA39849C39
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pinsight Research

Page URL History Show full URLs

  1. https://sender14.zohoinsights.com/ck/2d6f.327230a/d20e00b0-5df0-11ec-a95a-525400e3c1b1/7de6d07ee89bfaaa98609a2... HTTP 302
    http://pinsight.com/survey HTTP 301
    http://www.pinsight.com/survey HTTP 301
    https://survey.zohopublic.com/zs/R0BUAG Page URL

Page Statistics

9
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

362 kB
Transfer

1373 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sender14.zohoinsights.com/ck/2d6f.327230a/d20e00b0-5df0-11ec-a95a-525400e3c1b1/7de6d07ee89bfaaa98609a2356275b1f1b2c0c31/1?e=vmsZGqAzKDe1tDsX1fzQGRoojKthPvDmvtNsBbRfsPc%3D HTTP 302
    http://pinsight.com/survey HTTP 301
    http://www.pinsight.com/survey HTTP 301
    https://survey.zohopublic.com/zs/R0BUAG Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request R0BUAG
survey.zohopublic.com/zs/
Redirect Chain
  • https://sender14.zohoinsights.com/ck/2d6f.327230a/d20e00b0-5df0-11ec-a95a-525400e3c1b1/7de6d07ee89bfaaa98609a2356275b1f1b2c0c31/1?e=vmsZGqAzKDe1tDsX1fzQGRoojKthPvDmvtNsBbRfsPc%3D
  • http://pinsight.com/survey
  • http://www.pinsight.com/survey
  • https://survey.zohopublic.com/zs/R0BUAG
92 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
162aab1571a223d28095909e05df8a8985e3a46b37a516a73e5d93ec0e7c9b24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
ZGS
Date
Thu, 16 Dec 2021 17:38:47 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
vary
accept-encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000

Redirect headers

Date
Thu, 16 Dec 2021 17:38:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://survey.zohopublic.com/zs/R0BUAG
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
6be9aff18ac35b62-FRA
css
webfonts.zoho.com/ 		35 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.zoho.com/css?family=Playfair+Display/Raleway/Quicksand/Comfortaa/Flamenco/Abril+Fatface/Chivo/Arimo/Doppio+One/Cabin/Quando/Old+Standard+TT/Roboto/Open+Sans/Montserrat/Ubuntu/Cutive%20Mono/UniBurma_MSSerif/Karla/Heebo/Lato/Merriweather/Almarai
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.104 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
62b29d18545814886d02709009b475bd5630147972210ed609c6db49abf764ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 17:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ZGS
x-frame-options
SAMEORIGIN
content-type
text/css;charset=ISO-8859-1
cache-control
max-age=864000, must-revalidate
strict-transport-security
max-age=63072000
vary
accept-encoding
x-xss-protection
1
expires
Sun, 26 Dec 2021 17:38:47 GMT
publishedform_utils.css
css5.zohostatic.com/zohosurvey/v7_57/dist/assets/styles/ 		345 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css5.zohostatic.com/zohosurvey/v7_57/dist/assets/styles/publishedform_utils.css
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
464c498bd923a718a5944719b7ca94e79c8c0ae1f4bcf3efeee7f9b6de7dcb3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 06:22:49 GMT
Server
ZGS
ETag
"61b989b9-dfa7"
Strict-Transport-Security
max-age=63072000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
57255
Expires
Fri, 16 Dec 2022 17:38:47 GMT
publishedform_utils.js
js5.zohostatic.com/zohosurvey/v7_57/js/ 		812 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js5.zohostatic.com/zohosurvey/v7_57/js/publishedform_utils.js
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
ff6de23b72fe2088e21b1e1d576d88208dee4d5925a76fb6850db781a95b084f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 06:22:49 GMT
Server
ZGS
ETag
"61b989b9-37442"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
226370
Expires
Fri, 16 Dec 2022 17:38:47 GMT
form-structure.css
survey.zohopublic.com/survey/themes/new/form-styles/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.zohopublic.com/survey/themes/new/form-styles/form-structure.css?nocache=1639676327384
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
e84b4a05c1017f50cf369223157cba57decc34f71a5fc7a4aceac7d48bb003cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/zs/R0BUAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:38:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Pragma
public, max-age=31536000
Last-Modified
Wed, 15 Dec 2021 05:32:00 GMT
Server
ZGS
X-Frame-Options
SAMEORIGIN
ETag
W/"34298-1639546320000"
vary
accept-encoding
Strict-Transport-Security
max-age=604800, max-age=63072000
Content-Type
text/css
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Tue, 11 Oct 2022 12:48:38 GMT
base-form-media.css
survey.zohopublic.com/survey/themes/new/form-styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.zohopublic.com/survey/themes/new/form-styles/base-form-media.css?nocache=1639676327386
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
68d46190fdb28981b3c468aab71e043a9c5cbcedadec93cf405738613074922c
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/zs/R0BUAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:38:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Pragma
public, max-age=31536000
Last-Modified
Wed, 15 Dec 2021 05:32:00 GMT
Server
ZGS
X-Frame-Options
SAMEORIGIN
ETag
W/"8483-1639546320000"
vary
accept-encoding
Strict-Transport-Security
max-age=604800, max-age=63072000
Content-Type
text/css
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Tue, 11 Oct 2022 12:48:38 GMT
image
survey.zohopublic.com/survey/api/v1/public/livesurveys/R0BUAG/images/NTE3YjAwNzEtYzc4NS00YWZhLWIwMGMtMWE0ODE3NzhiZDk1/web/download/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.zohopublic.com/survey/api/v1/public/livesurveys/R0BUAG/images/NTE3YjAwNzEtYzc4NS00YWZhLWIwMGMtMWE0ODE3NzhiZDk1/web/download/image?isoriginalfile=true
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
cc3c84f7bda990df886e7dedd6e4910f77fddc3a3469cf4e6b704735bd9bae7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/zs/R0BUAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:38:48 GMT
X-Content-Type-Options
nosniff
Server
ZGS
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
image/png;charset=utf-8
Access-Control-Allow-Origin
https://survey.zoho.com
Transfer-Encoding
chunked
Content-Disposition
attachment; filename=image
Connection
keep-alive
X-XSS-Protection
1
spacer.gif
survey.zohopublic.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.zohopublic.com/images/spacer.gif
Requested by
Host: survey.zohopublic.com
URL: https://survey.zohopublic.com/zs/R0BUAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
6224d6dbc337c3e605bc817112b755a8277d1c44250f42e3c1f184792b398e09
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.zohopublic.com/zs/R0BUAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
public, max-age=31536000
Date
Thu, 16 Dec 2021 17:38:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 15 Dec 2021 05:32:00 GMT
Server
ZGS
X-Frame-Options
SAMEORIGIN
ETag
W/"1093-1639546320000"
Strict-Transport-Security
max-age=604800, max-age=63072000
Content-Type
image/gif
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1093
X-XSS-Protection
1
Expires
Tue, 11 Oct 2022 12:48:38 GMT
font_latin.woff2
static.zohocdn.com/webfonts/heeboregular/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.zohocdn.com/webfonts/heeboregular/font_latin.woff2
Requested by
Host: webfonts.zoho.com
URL: https://webfonts.zoho.com/css?family=Playfair+Display/Raleway/Quicksand/Comfortaa/Flamenco/Abril+Fatface/Chivo/Arimo/Doppio+One/Cabin/Quando/Old+Standard+TT/Roboto/Open+Sans/Montserrat/Ubuntu/Cutive%20Mono/UniBurma_MSSerif/Karla/Heebo/Lato/Merriweather/Almarai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
4883dca00ded0ddcbd07588a67f81241a8e770115830e872fd935226fb7d0e60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://webfonts.zoho.com/
Origin
https://survey.zohopublic.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 17:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
font/woff2
x-cache
HIT
last-modified
Fri, 26 Jun 2020 14:50:18 GMT
vary
Accept-Encoding
content-length
17056
x-xss-protection
1
nb-request-id
98d189f93b6481f3880afe7853a8e2ac
server
ZGS
etag
"c2625277e7344680cf58983b88a5c78b"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, must-revalidate, proxy-revalidate
z-origin-id
ex1-5fda0d897c42e84ee647a1dd
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| constuctScrollScript function| getScrollScriptContext function| setScrollWithSelector function| checkHasOverflow object| ZSC object| BarName object| ReviewCons object| ZSMIXIN_CONS object| ZSMixin_Util object| ZSCommonUtil object| ZS_Utils function| ZSEncodeURIComponent object| RatingUtil object| ZSPublishLogic object| CollectResponse object| CacheResponse function| domObserver object| DOMobserver_mixin object| domObserverMixin function| noScroll function| initializeScrollWithSelector function| initializeScroll function| getScrollContext function| setScroll function| valueSetter object| CustomScroll object| Reviewer function| $ function| jQuery object| jQuery111306721106069654499 object| NProgress object| SuperScrollbar object| Ss function| ZSDynamicScript object| pageArray

7 Cookies

Domain/Path Name / Value
sender14.zohoinsights.com/ Name: 8a231755c9
Value: 36ff511dcb9d020316e7b6fd9e5f67f9
sender14.zohoinsights.com/ Name: tm_csrf_cookie
Value: 26e9ce6b-9c29-4b03-a2fc-9e260dfa406f
sender14.zohoinsights.com/ Name: _zcsr_tmp
Value: 26e9ce6b-9c29-4b03-a2fc-9e260dfa406f
survey.zohopublic.com/ Name: 53aac31ef0
Value: 43343afff88d4652a73e83fdd32d7ce2
survey.zohopublic.com/ Name: JSESSIONID
Value: E8E9B321D77345AF395F7B8A7DE98CE1
survey.zohopublic.com/ Name: aprmjrnpkcrkks
Value: 61ead39c-09d9-474d-b3e0-8e58fddad23c
survey.zohopublic.com/ Name: _zcsr_tmp
Value: 61ead39c-09d9-474d-b3e0-8e58fddad23c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1