urlscan.io logo urlscan.io
SecurityTrails logo

softwared.click Open in urlscan Pro
35.223.162.234  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://futurefusionlabs.xyz/
Effective URL: https://softwared.click/primal-fears/
Submission: On October 22 via api from DK — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 35.223.162.234, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is softwared.click.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time softwared.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.130.41.101 198610 (BEGET-AS)
7 35.223.162.234 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
11 3
Apex Domain
Subdomains		 Transfer
7 softwared.click
softwared.click
450 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
1 futurefusionlabs.xyz
futurefusionlabs.xyz
459 B
11 3
Domain Requested by
7 softwared.click softwared.click
1 fonts.googleapis.com softwared.click
1 futurefusionlabs.xyz 1 redirects
11 3

This site contains links to these domains. Also see Links.

Domain
mega.nz
Subject Issuer Validity Valid
softwared.click
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://softwared.click/primal-fears/
Frame ID: A68FA30B80DE72F54BAB23F74FCC6E76
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primal-Fears - Software

Page URL History Show full URLs

  1. http://futurefusionlabs.xyz/ HTTP 302
    https://softwared.click/primal-fears/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

73 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

451 kB
Transfer

1901 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://futurefusionlabs.xyz/ HTTP 302
    https://softwared.click/primal-fears/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
softwared.click/primal-fears/
Redirect Chain
  • http://futurefusionlabs.xyz/
  • https://softwared.click/primal-fears/
52 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://softwared.click/primal-fears/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b26af579232320572216d8e66daac84fa0ad1ebc2f911a4e03d35e325bf8dbb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15
accept-language
da-DK,da;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 22 Oct 2023 19:53:14 GMT
link
<https://softwared.click/wp-json/>; rel="https://api.w.org/" <https://softwared.click/wp-json/wp/v2/pages/200>; rel="alternate"; type="application/json" <https://softwared.click/?p=200>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
x-two-cache-date
1698003047
x-two-optimize
1
x-two-page-is-optimized
1
x-two-version
2.24.14
x-two-webp
1
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sun, 22 Oct 2023 19:53:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=30
Location
https://softwared.click/primal-fears/
Pragma
no-cache
Server
nginx-reuseport/1.21.1
X-Powered-By
PHP/5.6.40
two_200_aggregated.min.css
softwared.click/wp-content/cache/tw_optimize/css/ 		1 MB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://softwared.click/wp-content/cache/tw_optimize/css/two_200_aggregated.min.css?date=1698003390
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cae4932275d2b35afe535fde717373faab2cab3e66ee46990c35d75e04b55811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/primal-fears/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:14 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 19:36:30 GMT
server
nginx
content-encoding
br
etag
W/"653579be-1397e5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:14 GMT
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40300%3B400%3B600%3B700%3B800&display=swap
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15fc69bbc5ed1b3ab2a19efa33d4744b712e0c7ac6d838989dbbc016a45a5f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 Oct 2023 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 22 Oct 2023 19:53:14 GMT
lazyload.min.js
softwared.click/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softwared.click/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/lazyload.min.js
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/primal-fears/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:14 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 17:13:15 GMT
server
nginx
content-encoding
br
etag
W/"6535582b-22bc"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:14 GMT
two_bg_vanilla.js
softwared.click/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/ 		2 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://softwared.click/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/two_bg_vanilla.js
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a440cf0bb0bb85af1417e18360bae8c4969de6ea31d9f0717323a2cb24ee0eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/primal-fears/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:14 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 17:13:15 GMT
server
nginx
content-encoding
br
etag
W/"6535582b-82a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:14 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
874704cf13ca0e3292667a19d63f49dfb8fd5a7b99d5129361b8572c6733181b

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type
image/svg+xml
truncated
/ 		62 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type
image/svg+xml
581368a8-941a-4ee2-9a74-da65fed92adc
https://softwared.click/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://softwared.click/581368a8-941a-4ee2-9a74-da65fed92adc
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbf47a99efdd282d082e9cbd31675d1bfa3719918239980d09216ca29f047526

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Length
5681
Content-Type
text/javascript
vecteezy_black-concrete-texture-background-old-grunge-rough_7588887_648-scaled.jpg
softwared.click/wp-content/uploads/2023/10/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://softwared.click/wp-content/uploads/2023/10/vecteezy_black-concrete-texture-background-old-grunge-rough_7588887_648-scaled.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9f1a8ad6a318fb67c9967328b37e29c45117bd799c778fef9653c62dbf1ae702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/primal-fears/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 18:18:45 GMT
server
nginx
etag
"65356785-3761c"
vary
Accept
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
226844
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:15 GMT
input-onlinepngtools-768x254.png
softwared.click/wp-content/uploads/2023/10/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://softwared.click/wp-content/uploads/2023/10/input-onlinepngtools-768x254.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8911e2d25cf885f44142547014e49bdf1b8e246103e116b2dc267f2fdd678ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://softwared.click/primal-fears/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 18:14:33 GMT
server
nginx
etag
"65356689-9ec6"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
40646
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:15 GMT
31fe6861-ad3d-446d-811b-00d0817c0698
https://softwared.click/ 		27 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://softwared.click/31fe6861-ad3d-446d-811b-00d0817c0698
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73917787c240f2cc359e5282b3c642e0a79588dd1db526b60a9dc710bd127505

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Length
27889
Content-Type
text/css
c4f6f394-1062-4dcb-b52f-3c1d18d84832
https://softwared.click/ 		199 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://softwared.click/c4f6f394-1062-4dcb-b52f-3c1d18d84832
Requested by
Host: softwared.click
URL: https://softwared.click/primal-fears/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73e2b04943846116c1e39a44bab3bb5dcd8a212dd46c9504541dd3206f249693

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Length
203685
Content-Type
text/css
fa-solid-900.woff2
softwared.click/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://softwared.click/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: softwared.click
URL: blob:https://softwared.click/c4f6f394-1062-4dcb-b52f-3c1d18d84832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.162.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.162.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://softwared.click
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/36.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Sun, 22 Oct 2023 19:53:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Sat, 21 Oct 2023 18:32:30 GMT
server
nginx
etag
"6534193e-13174"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
78196
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2024 19:53:15 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| two_worker_data_critical_data object| two_worker_data_font object| two_worker_data_excluded_js object| two_worker_data_js object| two_worker_data_css function| logLoaded function| applyElementorControllers function| applyViewCss boolean| two_scripts_load function| two_load_delayed_javascript function| two_loading_events string| two_delayed_loading_attribute string| two_delayed_js_load_libs_first object| two_delayed_loading_events object| two_event_listeners object| two_script_list object| two_excluded_js_list number| excluded_count object| two_css_list object| two_fonts_list object| two_critical_data object| wcode object| two_worker object| two_worker_data function| UpdateQueryString function| two_connect_failed_style function| two_connect_style undefined| two_event function| two_connect_script function| two_connect_font function| two_styles_loaded object| two_worker_styles_list number| two_worker_styles_count string| two_svg_placeholder function| LazyLoad function| two_replace_backgrounds object| two_lazyLoadInstance boolean| two_page_loaded object| onStylesLoadEvent object| two_observer

1 Cookies

Domain/Path Name / Value
futurefusionlabs.xyz/ Name: PHPSESSID
Value: 5affcae7fbc6b25a791dae8a45a7c31c

1 Console Messages

Source Level URL
Text
worker info URL: blob:https://softwared.click/581368a8-941a-4ee2-9a74-da65fed92adc(Line 12)
Message:
error in fetching: Error, bypassing https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap#038;display=swap&#038;ver=6.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block