Apache
tcp/443
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09cab28146bab28146bd0ed517f42224bebbc96805648eb7a11
Found 21 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Expertenmodus/assets /themes/Expertenmodus/assets/javascripts /themes/Expertenmodus/assets/stylesheets /themes/Expertenmodus/templates /themes/Expertenmodus/templates/db /themes/Expertenmodus/templates/dns /themes/Expertenmodus/templates/mail /themes/Expertenmodus/templates/sites /themes/Standard
Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa54476638d3bb318b7ca7a2e9acca69051fe1
Found 18 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Expertenmodus/assets /themes/Expertenmodus/assets/javascripts /themes/Expertenmodus/assets/stylesheets /themes/Expertenmodus/templates /themes/Expertenmodus/templates/sites /themes/Standard
Severity: low
Fingerprint: 5f32cf5d6962f09c2eda814e2eda814e398d82f379954c1f6110e8c60f08e255
Found 6 files trough .DS_Store spidering: /dashboard /dashboard/dashlets /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09cab28146bab28146bd0ed517f42224bebbc96805648eb7a11
Found 21 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Expertenmodus/assets /themes/Expertenmodus/assets/javascripts /themes/Expertenmodus/assets/stylesheets /themes/Expertenmodus/templates /themes/Expertenmodus/templates/db /themes/Expertenmodus/templates/dns /themes/Expertenmodus/templates/mail /themes/Expertenmodus/templates/sites /themes/Standard
Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a032a783b6be12d7f4f36031d584d51709
Found 13 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Standard
Severity: low
Fingerprint: 5f32cf5d6962f09c668fcbec668fcbec3ea52f22391ee59095bd0d4928d5cfb4
Found 17 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Expertenmodus/assets /themes/Expertenmodus/assets/javascripts /themes/Expertenmodus/assets/stylesheets /themes/Expertenmodus/templates /themes/Standard
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09cab28146bab28146bd0ed517f42224bebbc96805648eb7a11
Found 21 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Expertenmodus/assets /themes/Expertenmodus/assets/javascripts /themes/Expertenmodus/assets/stylesheets /themes/Expertenmodus/templates /themes/Expertenmodus/templates/db /themes/Expertenmodus/templates/dns /themes/Expertenmodus/templates/mail /themes/Expertenmodus/templates/sites /themes/Standard
Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a032a783b6be12d7f4f36031d584d51709
Found 13 files trough .DS_Store spidering: /addons /addons/lib /addons/lib/lang /addons/templates /mail /mail/form /sites /sites/sitebuilder /sites/whoapsinstall /sites/whoapsinstall/form /themes /themes/Expertenmodus /themes/Standard
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652248ab5c0f
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true ignorecase = true precomposeunicode = true [submodule] active = . [remote "origin"] url = https://github.com/getkirby/starterkit.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652248ab5c0f
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true ignorecase = true precomposeunicode = true [submodule] active = . [remote "origin"] url = https://github.com/getkirby/starterkit.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-20 03:29
HTTP/1.1 302 Found Date: Thu, 20 Jun 2024 03:29:17 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=rgrgc6hbpj9pc80mbgq1qau7gu; expires=Fri, 20-Jun-2025 03:29:17 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-18 19:09
HTTP/1.1 302 Found Date: Tue, 18 Jun 2024 19:10:02 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=8vbp2urdc148jmi02u3v92qkrh; expires=Wed, 18-Jun-2025 19:10:02 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-18 14:08
HTTP/1.1 302 Found Date: Tue, 18 Jun 2024 14:08:47 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=5t4r10i6r4supvlese64vi3f74; expires=Wed, 18-Jun-2025 14:08:48 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-16 17:10
HTTP/1.1 302 Found Date: Sun, 16 Jun 2024 17:10:50 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=vvjrjbugo26jm96g6trj5son4r; expires=Mon, 16-Jun-2025 17:10:50 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-16 13:25
HTTP/1.1 302 Found Date: Sun, 16 Jun 2024 13:25:18 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=keuhr3d7qln671lntcs5uhtc51; expires=Mon, 16-Jun-2025 13:25:18 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-12 18:49
HTTP/1.1 302 Found Date: Wed, 12 Jun 2024 18:49:28 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=ekkijmn2djlt4ihpm95fc45guj; expires=Thu, 12-Jun-2025 18:49:28 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-12 07:32
HTTP/1.1 302 Found Date: Wed, 12 Jun 2024 07:32:04 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=uqahgsc4ag0jpbcps5sdq5p9rf; expires=Thu, 12-Jun-2025 07:32:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-10 17:19
HTTP/1.1 302 Found Date: Mon, 10 Jun 2024 17:19:59 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=qeanucgkn2bci6cd6bju0ahkbl; expires=Tue, 10-Jun-2025 17:19:59 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-10 04:31
HTTP/1.1 302 Found Date: Mon, 10 Jun 2024 04:31:44 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=c4i8hiv7hugvvetqcag34srt56; expires=Tue, 10-Jun-2025 04:31:44 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-08 10:12
HTTP/1.1 302 Found Date: Sat, 08 Jun 2024 10:12:04 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=alq9oioha48irbuldkn6njkh0v; expires=Sun, 08-Jun-2025 10:12:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-08 02:11
HTTP/1.1 302 Found Date: Sat, 08 Jun 2024 02:11:40 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=e01t7r03m4aijg83ha1qu2st4o; expires=Sun, 08-Jun-2025 02:11:40 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-06 10:01
HTTP/1.1 302 Found Date: Thu, 06 Jun 2024 10:01:30 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=oqrhq26c5s9mkrm88c95gh60si; expires=Fri, 06-Jun-2025 10:01:30 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-06 05:15
HTTP/1.1 302 Found Date: Thu, 06 Jun 2024 05:15:17 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=7o9np9e5jlotk3gfkbnfu1fhfv; expires=Fri, 06-Jun-2025 05:15:17 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-04 15:03
HTTP/1.1 302 Found Date: Tue, 04 Jun 2024 15:03:29 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=4ebofmlf5kpb49nif6j02p3nja; expires=Wed, 04-Jun-2025 15:03:29 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-04 03:47
HTTP/1.1 302 Found Date: Tue, 04 Jun 2024 03:47:19 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=32loa9kneil69fb3iq9io481a6; expires=Wed, 04-Jun-2025 03:47:19 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · annimanifesto.com
2024-06-02 22:44
HTTP/1.1 302 Found Date: Sun, 02 Jun 2024 22:44:54 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=fgh8hgg0nhd64a2474sjjt273o; expires=Mon, 02-Jun-2025 22:44:54 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8
Open service 89.107.189.197:443 · www.annimanifesto.com
2024-06-02 18:21
HTTP/1.1 302 Found Date: Sun, 02 Jun 2024 18:21:01 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Set-Cookie: ISPCSESS=mf0blbon8h8fk16bkf6t01bnfr; expires=Mon, 02-Jun-2025 18:21:01 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Lax; HTTPOnly; Secure Upgrade: h2,h2c Connection: Upgrade, close Location: /login/ Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Content-Length: 0 Content-Type: text/html; charset=utf-8