urlscan.io logo urlscan.io
SecurityTrails logo

icx.efrontcloud.com Open in urlscan Pro
34.231.214.238  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://icx.efrontcloud.com/redbirdcap
Effective URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Submission: On May 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 34.231.214.238, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is icx.efrontcloud.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 18th 2019. Valid for: 2 years.
This is the only time icx.efrontcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 16 34.231.214.238 14618 (AMAZON-AES)
13 1
Apex Domain
Subdomains		 Transfer
16 efrontcloud.com
icx.efrontcloud.com
1005 KB
13 1
Domain Requested by
16 icx.efrontcloud.com 3 redirects icx.efrontcloud.com
13 1

This site contains links to these domains. Also see Links.

Domain
www.support.efront.com
redbirdcap.com
Subject Issuer Validity Valid
*.efrontcloud.com
DigiCert SHA2 High Assurance Server CA		 2019-04-18 -
2021-06-24		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Frame ID: 5EF5BE2D803438FC63ECDFB252193B48
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://icx.efrontcloud.com/redbirdcap HTTP 302
    https://icx.efrontcloud.com/redbirdcap HTTP 302
    https://icx.efrontcloud.com/@141/redbirdcap HTTP 302
    https://icx.efrontcloud.com/@141/redbirdcap/login.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1004 kB
Transfer

2591 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://icx.efrontcloud.com/redbirdcap HTTP 302
    https://icx.efrontcloud.com/redbirdcap HTTP 302
    https://icx.efrontcloud.com/@141/redbirdcap HTTP 302
    https://icx.efrontcloud.com/@141/redbirdcap/login.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login.aspx
icx.efrontcloud.com/@141/redbirdcap/
Redirect Chain
  • http://icx.efrontcloud.com/redbirdcap
  • https://icx.efrontcloud.com/redbirdcap
  • https://icx.efrontcloud.com/@141/redbirdcap
  • https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
f9d317c42cb5d5071d444fa277c2ed6d0c6c188cddb87a308b21bbcd9b384fe2
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
icx.efrontcloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Type
text/html; charset=utf-8
Date
Wed, 19 May 2021 13:12:47 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
no-referrer
Set-Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; path=/@141; secure; HttpOnly; SameSite=Lax
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
4471
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 19 May 2021 13:12:47 GMT
Location
/@141/redbirdcap/login.aspx
Content-Length
139
Connection
keep-alive
bootstrap.min.bb884d3b.css
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		115 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/bootstrap.min.bb884d3b.css
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
e7a19173e444dc0f49ae56520f7bf6ae876e5dc3bb1230022e00dd184697c9d6
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
26877
X-XSS-Protection
1; mode=block
jquery.min.0732e3ea.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/jquery.min.0732e3ea.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
39759
X-XSS-Protection
1; mode=block
placeholders.jquery.min.d659806f.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/placeholders.jquery.min.d659806f.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
801c50863e78d6df8fc5b0ffe5fa0922d3e353149c2332f4b2516c889e0c75d1
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2846
X-XSS-Protection
1; mode=block
lightFunctionalDom.d2b9a4ff.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/lightFunctionalDom.d2b9a4ff.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
5b77bee4d18004fd4b2dcfec30b46de94bca040ddd072843a16e6fe8eabe174b
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1971
X-XSS-Protection
1; mode=block
jqueryClosestDescendantPlugin.62f1a779.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/jqueryClosestDescendantPlugin.62f1a779.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
c0156801b732e403143bd4e4d17cadc35be2bd7d942391b751ab60ec26c0bfec
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
959
X-XSS-Protection
1; mode=block
update.min.0b4ce641.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/update.min.0b4ce641.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
92759f5362cdc950e25ea6d8c6f6cbb84c3fd8d93961eb2ba486b7623d488b4f
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
4289
X-XSS-Protection
1; mode=block
update.show.min.8f3bb885.js
icx.efrontcloud.com/@141/redbirdcap/LoginRessources/ 		18 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/@141/redbirdcap/LoginRessources/update.show.min.8f3bb885.js
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
52a03bb9fee06fea25a5617a8c4530748b245044845960d490d50241f305ca40
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
ASP.NET_SessionId=mm2m0lfkgj1wjgj3qb1epnbr; AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:06 GMT
ETag
"0cb52201c36d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 19 May 2021 13:12:48 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
10350
X-XSS-Protection
1; mode=block
Cookie set dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc
icx.efrontcloud.com/dist/css/dynamic/ 		2 MB
424 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/dist/css/dynamic/dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc?tenant=redbirdcap&app=ICX&version=2021.3.0%20%2821.3.0%2B25657-sha.ac3fef28f%29
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/@141/redbirdcap/login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
2e9bdd18ae502ccefca58dcc9b1933e0dfe23dac9147628a61a48971343be5c5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Cache-Control
private
Date
Wed, 19 May 2021 13:12:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Set-Cookie
ASP.NET_SessionId=byhs2rdxah3g5ddbsmt1z21b; expires=Thu, 19-May-1921 13:12:49 GMT; path=/; secure; HttpOnly; SameSite=Lax
Connection
keep-alive
transfer-encoding
chunked
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Cookie set ed4422b53b8449b694d9328e69000cfc_04d0395bef0f48c5997caa03effe8cdc_dcd33a3628e34880a77f73d426bafb5f_Background.jpg
icx.efrontcloud.com/redbirdcap/api/css/image/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icx.efrontcloud.com/redbirdcap/api/css/image/ed4422b53b8449b694d9328e69000cfc_04d0395bef0f48c5997caa03effe8cdc_dcd33a3628e34880a77f73d426bafb5f_Background.jpg
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/dist/css/dynamic/dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc?tenant=redbirdcap&app=ICX&version=2021.3.0%20%2821.3.0%2B25657-sha.ac3fef28f%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
935710648fc9e9c33444d4e90261dceda605d46b555bbfc90b78ef9f9a0de882
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA; EFRONT_LANGUAGE=A
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Referrer-Policy
no-referrer
Server
Cache-Control
private
Date
Wed, 19 May 2021 13:12:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Set-Cookie
ASP.NET_SessionId=m5kqmfktwazo3xkxpr45dfee; expires=Thu, 19-May-1921 13:12:49 GMT; path=/; secure; HttpOnly; SameSite=Lax
Connection
keep-alive
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
114672
X-XSS-Protection
1; mode=block
Cookie set 43ef05c27dd34cc9868b412ee9132265_04d0395bef0f48c5997caa03effe8cdc_dcd33a3628e34880a77f73d426bafb5f_SmallLogo.png
icx.efrontcloud.com/redbirdcap/api/css/image/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icx.efrontcloud.com/redbirdcap/api/css/image/43ef05c27dd34cc9868b412ee9132265_04d0395bef0f48c5997caa03effe8cdc_dcd33a3628e34880a77f73d426bafb5f_SmallLogo.png
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/dist/css/dynamic/dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc?tenant=redbirdcap&app=ICX&version=2021.3.0%20%2821.3.0%2B25657-sha.ac3fef28f%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
0e73581613a888fac4f958ac5a6fa9cb550d6d337d279ed049d1a8cbd42892c9
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA; EFRONT_LANGUAGE=A
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Referrer-Policy
no-referrer
Server
Cache-Control
private
Date
Wed, 19 May 2021 13:12:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Set-Cookie
ASP.NET_SessionId=mbmsxkxqxuzyn4zjmfiljpz2; expires=Thu, 19-May-1921 13:12:49 GMT; path=/; secure; HttpOnly; SameSite=Lax
Connection
keep-alive
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
156475
X-XSS-Protection
1; mode=block
PT_Sans-Web-Regular.woff
icx.efrontcloud.com/dist/_framework/bower_modules/groupdocs/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/dist/_framework/bower_modules/groupdocs/fonts/PT_Sans-Web-Regular.woff
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/dist/css/dynamic/dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc?tenant=redbirdcap&app=ICX&version=2021.3.0%20%2821.3.0%2B25657-sha.ac3fef28f%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://icx.efrontcloud.com
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA; EFRONT_LANGUAGE=A
Connection
keep-alive
Origin
https://icx.efrontcloud.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:08 GMT
ETag
"0f883211c36d71:0"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/x-font-woff
Cache-Control
public,max-age=31536000
Date
Wed, 19 May 2021 13:12:49 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
60332
X-XSS-Protection
1; mode=block
Roboto-Regular.ac3f799d.ttf
icx.efrontcloud.com/dist/_framework/fonts/ 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icx.efrontcloud.com/dist/_framework/fonts/Roboto-Regular.ac3f799d.ttf
Requested by
Host: icx.efrontcloud.com
URL: https://icx.efrontcloud.com/dist/css/dynamic/dcd33a3628e34880a77f73d426bafb5f_04d0395bef0f48c5997caa03effe8cdc?tenant=redbirdcap&app=ICX&version=2021.3.0%20%2821.3.0%2B25657-sha.ac3fef28f%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.214.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-214-238.compute-1.amazonaws.com
Software
/
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://icx.efrontcloud.com
Accept-Encoding
gzip, deflate, br
Host
icx.efrontcloud.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Cookie
AWSELB=092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA; EFRONT_LANGUAGE=A
Connection
keep-alive
Origin
https://icx.efrontcloud.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Apr 2021 19:34:12 GMT
ETag
"052e6231c36d71:0"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/octet-stream
Cache-Control
public,max-age=31536000
Date
Wed, 19 May 2021 13:12:49 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
162876
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Placeholders object| functionalDom object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| $buo_show function| getCooky function| setCooky function| setUrl function| handleEnterForSecurId string| varURL0 string| varURL1 object| today object| expires function| submitLoginForm object| minBrowserScript object| $buoop function| $buo_f

4 Cookies

Domain/Path Name / Value
icx.efrontcloud.com/ Name: EFRONT_LANGUAGE
Value: A
icx.efrontcloud.com/ Name: AWSELB
Value: 092343E304FFB2A31B1C0B565BBAFD6EDAB7C8511EA110A09F3BD47F1BCF6ED79E4411FCFE93718C3A97B58ECD818C533E097BAB47C122EE1DD56A73B6FD11AA876A7A22CA
icx.efrontcloud.com/ Name: EFRONT_PROFILE
Value: RTC
icx.efrontcloud.com/@141 Name: ASP.NET_SessionId
Value: mm2m0lfkgj1wjgj3qb1epnbr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src * 'self' 'unsafe-eval' 'unsafe-inline';img-src * 'self' data: blob:;style-src 'self' 'unsafe-inline' *;frame-src * blob: data:;font-src * data:;connect-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block