urlscan.io logo urlscan.io
SecurityTrails logo

tecnolife.com.ec Open in urlscan Pro
95.217.225.189  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.brou.com.uy/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://tecnolife.com.ec/a/system/
Effective URL: https://tecnolife.com.ec/a/system/
Submission: On May 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 95.217.225.189, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is tecnolife.com.ec.
TLS certificate: Issued by R3 on April 19th 2023. Valid for: 3 months.
This is the only time tecnolife.com.ec was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 200.40.231.53 6057 (Administr...)
1 95.217.225.189 24940 (HETZNER-AS)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5988
122 KB
1 tecnolife.com.ec
tecnolife.com.ec
7 KB
1 brou.com.uy
www.brou.com.uy
635 B
9 3
Domain Requested by
8 challenges.cloudflare.com 1 redirects tecnolife.com.ec
challenges.cloudflare.com
1 tecnolife.com.ec
1 www.brou.com.uy 1 redirects
9 3

This site contains no links.

Subject Issuer Validity Valid
*.tecnolife.com.ec
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://tecnolife.com.ec/a/system/
Frame ID: 821F50F4D9C8E1A2DEB8D47C10188247
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
Frame ID: 5942A0F2739C55A372A0AEEBCB7E391F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

<App> Please hold

Page URL History Show full URLs

  1. https://www.brou.com.uy/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://tecnolife.com.ec/a/s... HTTP 302
    https://tecnolife.com.ec/a/system/ Page URL

Page Statistics

9
Requests

78 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

129 kB
Transfer

307 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.brou.com.uy/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://tecnolife.com.ec/a/system/ HTTP 302
    https://tecnolife.com.ec/a/system/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tecnolife.com.ec/a/system/
Redirect Chain
  • https://www.brou.com.uy/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://tecnolife.com.ec/a/system/
  • https://tecnolife.com.ec/a/system/
9 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tecnolife.com.ec/a/system/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.225.189 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rapid.hostingec.host
Software
LiteSpeed /
Resource Hash
811b4f1dcc858a3970c1ceafc33b9d5649b7f6ed09869b4208f9c518cdde4979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=2592000
content-encoding
br
content-length
6498
content-type
text/html
date
Fri, 12 May 2023 18:54:28 GMT
expires
Sun, 11 Jun 2023 18:54:28 GMT
last-modified
Fri, 12 May 2023 14:41:21 GMT
server
LiteSpeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
0
Content-Type
text/html;charset=UTF-8
Date
Fri, 12 May 2023 18:54:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=120, max=800
Location
https://tecnolife.com.ec/a/system/
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
api.js
challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js
Requested by
Host: tecnolife.com.ec
URL: https://tecnolife.com.ec/a/system/
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tecnolife.com.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:54:28 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c64ded3ba6c4bbf-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 12 May 2023 18:54:28 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/7fe8adc8/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7c64ded38a1b4bbf-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
179853be728902f5a54755fa7baca3a78ad222c5737c80fbe84d4a0357ea99cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/ Frame 5942 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fd20ecaf8d45cfc0cb7327388ef28acf55b35e90f9ad34db150f812ca8a31d

Request headers

Referer
https://tecnolife.com.ec/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7c64ded4193a33fa-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 18:54:28 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 5942 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c64ded4193a33fa
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfa35b5ce8815e054bc3e1ebd70ae898ab35016889f5856e2ba87df0ef2af7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:54:28 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7c64ded479db33fa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
9c1a465647b635c
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/340490565:1683914883:wXHALGNy8V5Jefut2bNs-hehYf8gu-fO5MgJwK7mrvA/7c64ded4193a33fa/ Frame 5942 		88 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/340490565:1683914883:wXHALGNy8V5Jefut2bNs-hehYf8gu-fO5MgJwK7mrvA/7c64ded4193a33fa/9c1a465647b635c
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c64ded4193a33fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a99dfaa1daaaa106291eeaa66e1ad8bc521bf48466d856931a60d65907bcec0

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
CF-Challenge
9c1a465647b635c
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 May 2023 18:54:28 GMT
content-encoding
br
cf_chl_gen
jl/VY80jGS6dNwHllxKOPw4agpqW2OQyV5le073u5N6Of34rTtkVv0t83TaNwKrGYbotp6E68o9dQvcJ2sycNJxFcPjUCe+CyZNXZKtO9f9+gqeiss3IBkZaihl1cWoOLWEWyOPt8kby+XKiGo+NfKPvaoreLzs8rbPp4Nj9j5HBVRs1SiGUcRtWp4qhrjgnMujPAhvZa+UdvHSnmJ8lSTpFTIqXd4D3MFtCoRwwSc54oJ96RKxvdMhmsHeET2xWmGxrxPyTwql1B7vfo0XJ3L5fFjNIlfVtsEgd9Dg0rr26Gpgla/kIW0eptu0eKbtOE2DtaRoK5WQK82F+tjSN8q9o9lsag/OihgoTxr7jeccjgKSIaCMfrPkvITghNNN/gfsokwB0ydhEDZUHR0A9cJRmI0vxP+trTSscCI8FZVWAbXeBkkyFrnl+grK83XsS$C1eKyctyzg7viksT7B10Rw==
server
cloudflare
cf-ray
7c64ded5dc6e33fa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
40a2e91c-cc2e-42ec-9a68-b88333d2a8ed
https://challenges.cloudflare.com/ Frame 5942 		220 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/40a2e91c-cc2e-42ec-9a68-b88333d2a8ed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
220
Content-Type
application/javascript
waFLH3g7LX50ijt
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c64ded4193a33fa/1683917668808/f45a9732ef4eb522931b3ef11423d384364e57d410bc9cf562776c8691704f1d/ Frame 5942 		1 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c64ded4193a33fa/1683917668808/f45a9732ef4eb522931b3ef11423d384364e57d410bc9cf562776c8691704f1d/waFLH3g7LX50ijt
Requested by
Host: tecnolife.com.ec
URL: https://tecnolife.com.ec/a/system/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:54:29 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g9FqXMu9OtSKTGz7xFCPThDZOV9QQvJz1YndshpFwTx0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA4rsahmFFVx2QGy_ap9QoeqGO_4LxWlFPbUODzU9Bo98w9mAJ4v4SezAZlSzuxZ-whSKnBsLI3W5_Ffqa5QZq-iwBI1406WdT_zTiNPDh2mFkXG_Im_OGmdqx5iLiI7Fuvm_js7sFgoX4L1MP7saxCY9qsWQ9-EaZmth2qzK0kjGxqoLmOUkCHHBEHpL31alMgPXC9Ww_OcA9ZXMUHyOOuAlOKZzqGmlDmPboz3OwCbKYt1cZ1V9FMz6IsOnZQp8OuYjAy44mpD1HmcYG3Zrn5YVxNqabY20_Wq5phFYl1453MSJlA6LedzIL9g40P14VWOgORWCdVGb0V6icMjuT5QIDAQAB, max-age=20
server
cloudflare
cf-ray
7c64deda5cab33fa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
0ucY9uJrUHire7Y
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c64ded4193a33fa/1683917668808/ Frame 5942 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c64ded4193a33fa/1683917668808/0ucY9uJrUHire7Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b69e1475561e3364d783095ac245704a08c5053c0995e8af3ca8abf1c89f211

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:54:29 GMT
server
cloudflare
cf-ray
7c64deda7cf433fa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
9c1a465647b635c
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/340490565:1683914883:wXHALGNy8V5Jefut2bNs-hehYf8gu-fO5MgJwK7mrvA/7c64ded4193a33fa/ Frame 5942 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/340490565:1683914883:wXHALGNy8V5Jefut2bNs-hehYf8gu-fO5MgJwK7mrvA/7c64ded4193a33fa/9c1a465647b635c
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c64ded4193a33fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca98649c35d95fede0c023305721532d4d84303b8ea8c0fb593e2bc7edf13f78

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jzb50/0x4AAAAAAAEirkNjw4JbuGe0/auto/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
CF-Challenge
9c1a465647b635c
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 May 2023 18:54:29 GMT
content-encoding
br
cf_chl_gen
mDAN+SpOLzdIAxNtU8S43x37j14DXa0X1DgbDpQXHKHV1olQWCNH6lJNaL/8rGaC$nRSaraJnEshg7stbWLXn8A==
server
cloudflare
cf-ray
7c64dedb5eb933fa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| recaptchaCallback object| turnstile

1 Cookies

Domain/Path Name / Value
www.brou.com.uy/ Name: JSESSIONID
Value: 7VYNDJJhw9FR15c2BUhxPnpx

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c64ded4193a33fa/1683917668808/f45a9732ef4eb522931b3ef11423d384364e57d410bc9cf562776c8691704f1d/waFLH3g7LX50ijt
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block