Security Report Summary
A
Site: | https://filo.gg/?utm_source=filobot.xyz&utm_medium=redirect&utm_campaign=rebranding | ||
---|---|---|---|
IP Address: | 2606:4700:3033::6815:2a6e | ||
Report Time: | 20 Apr 2024 06:49:07 UTC | ||
Headers: |
|
||
Advanced: |
|
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|
Raw Headers
HTTP/2 | 103 |
---|---|
link | </assets/44425554e15bef2f529c71c137c1bca5d1093d8d.css>; as=style; rel=preload, </assets/35fd952f430cc5681e5252f873034113046492d6.css>; as=style; rel=preload, </assets/43c09c58ca727f2ce6f15858504e9e644694a0ae.css>; as=style; rel=preload, </assets/f1a1ffd9216c74e7c189a55ebd3bebe3ff6b1e4c.css>; as=style; rel=preload, </assets/c2cfcd263d704ee789ad5e4468f5aa471d3b939f.css>; as=style; rel=preload, </assets/23c197bb6504cbbbc03211393a06cfbccd97b8ae.css>; as=style; rel=preload, </assets/22019ccbd32dc4570a226f437e94101485d8cd6d.js>; as=script; rel=preload, </assets/5ae4b4c53c6855451ab0c3f2794a20aad696645a.js>; as=script; rel=preload, </assets/240e7a45addd082b9b8f0f25916cbf8958cfedfd.js>; as=script; rel=preload, </assets/3de1a95e8698ccc823bd28f81b09b462724d8cd2.js>; as=script; rel=preload, </assets/a324cd9602556b220cefbf365faf31992652c42a.js>; as=script; rel=preload, </assets/c935d0022d92c5e06aede96a1717b51835c33365.js>; as=script; rel=preload, </assets/659ad239c9787d111baf4738eff8b78e46147403.js>; as=script; rel=preload, </assets/9da4c82ec525d88ead6c42936cfe0e3ef20d689c.js>; as=script; rel=preload, </assets/b6e51508db725ea071351ce845cc1ebc44e60d2e.js>; as=script; rel=preload, </assets/240ca360f85355c278766e833ada1208ae2a8159.js>; as=script; rel=preload, </assets/66cf969656b623f61ece5aa763674dacd1d5d113.js>; as=script; rel=preload, </assets/547e3c5e36781e989a5823f27b6548c3b232117f.js>; as=script; rel=preload, </assets/76b4081ec7616fb7620c158e57bcec0636cef1be.js>; as=script; rel=preload, <https://images.dmca.com/Badges/DMCABadgeHelper.min.js>; as=script; rel=preload, </assets/f9c21097234e0d31a9ad1fb7117ecc5c3735ce3a.css>; as=style; rel=preload, </assets/bb6825358737a285c66ed963dcdd59cc01e33ca2.css>; as=style; rel=preload, </assets/87913bfe366d032381802e37d755e9295fa1ca2c.css>; as=style; rel=preload, </assets/0a31bfc2beaeda87eabf411d5e4408c1dcdab9e1.css>; as=style; rel=preload, </assets/75f0d1966822e22fab328c9a4b37692adcd50448.css>; as=style; rel=preload, </assets/0aceb8622d63481f625b3a40262259e128a8bb73.css>; as=style; rel=preload, </assets/d9fb2fe4761153d01d1bb3d692aba2eb28a97cd8.css>; as=style; rel=preload, </assets/80be4834fb5c66855020b506efb15d8799c00f40.css>; as=style; rel=preload, </assets/a1adb876372391a53264798170c90377ecf495f0.css>; as=style; rel=preload, </assets/4a078c047e1176415eb2564ee3af9acdfc1e04e1.css>; as=style; rel=preload, </assets/77aab087429106e94da50e8b463087605016af8b.css>; as=style; rel=preload, </assets/9937353c88a01322398033fb7c53254b10337c46.css>; as=style; rel=preload, </assets/91fb2846dc7e5169662505d78d161ae87d851c6c.css>; as=style; rel=preload, </assets/0f494874ce4516918edaffe3a7c5229c6d3b7bf5.css>; as=style; rel=preload, </assets/082334b7dc2673a1516b19978d0aaac176d4c0e6.js>; as=script; rel=preload, </assets/67d22f4bba1b770e892e0325277ea54b95d5aff4.js>; as=script; rel=preload, </assets/dfe6cd958afe536e46206bb9c43953259a38cc00.js>; as=script; rel=preload |
HTTP/2 200 | |
date | Sat, 20 Apr 2024 06:49:07 GMT |
content-type | text/html; charset=utf-8 |
cf-ray | 8773314eddc1aaac-SJC |
cf-cache-status | HIT |
access-control-allow-origin | https://filo.gg |
age | 13229 |
cache-control | 604800, must-revalidate |
link | </assets/44425554e15bef2f529c71c137c1bca5d1093d8d.css>; rel="preload"; as=style, </assets/35fd952f430cc5681e5252f873034113046492d6.css>; rel="preload"; as=style, </assets/43c09c58ca727f2ce6f15858504e9e644694a0ae.css>; rel="preload"; as=style, </assets/f1a1ffd9216c74e7c189a55ebd3bebe3ff6b1e4c.css>; rel="preload"; as=style, </assets/c2cfcd263d704ee789ad5e4468f5aa471d3b939f.css>; rel="preload"; as=style, </assets/23c197bb6504cbbbc03211393a06cfbccd97b8ae.css>; rel="preload"; as=style, </assets/22019ccbd32dc4570a226f437e94101485d8cd6d.js>; rel="preload"; as=script, </assets/5ae4b4c53c6855451ab0c3f2794a20aad696645a.js>; rel="preload"; as=script, </assets/240e7a45addd082b9b8f0f25916cbf8958cfedfd.js>; rel="preload"; as=script, </assets/3de1a95e8698ccc823bd28f81b09b462724d8cd2.js>; rel="preload"; as=script, </assets/a324cd9602556b220cefbf365faf31992652c42a.js>; rel="preload"; as=script, </assets/c935d0022d92c5e06aede96a1717b51835c33365.js>; rel="preload"; as=script, </assets/659ad239c9787d111baf4738eff8b78e46147403.js>; rel="preload"; as=script, </assets/9da4c82ec525d88ead6c42936cfe0e3ef20d689c.js>; rel="preload"; as=script, </assets/b6e51508db725ea071351ce845cc1ebc44e60d2e.js>; rel="preload"; as=script, </assets/240ca360f85355c278766e833ada1208ae2a8159.js>; rel="preload"; as=script, </assets/66cf969656b623f61ece5aa763674dacd1d5d113.js>; rel="preload"; as=script, </assets/547e3c5e36781e989a5823f27b6548c3b232117f.js>; rel="preload"; as=script, </assets/76b4081ec7616fb7620c158e57bcec0636cef1be.js>; rel="preload"; as=script, <https://images.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="preload"; as=script, </assets/f9c21097234e0d31a9ad1fb7117ecc5c3735ce3a.css>; rel="preload"; as=style, </assets/bb6825358737a285c66ed963dcdd59cc01e33ca2.css>; rel="preload"; as=style, </assets/87913bfe366d032381802e37d755e9295fa1ca2c.css>; rel="preload"; as=style, </assets/0a31bfc2beaeda87eabf411d5e4408c1dcdab9e1.css>; rel="preload"; as=style, </assets/75f0d1966822e22fab328c9a4b37692adcd50448.css>; rel="preload"; as=style, </assets/0aceb8622d63481f625b3a40262259e128a8bb73.css>; rel="preload"; as=style, </assets/d9fb2fe4761153d01d1bb3d692aba2eb28a97cd8.css>; rel="preload"; as=style, </assets/80be4834fb5c66855020b506efb15d8799c00f40.css>; rel="preload"; as=style, </assets/a1adb876372391a53264798170c90377ecf495f0.css>; rel="preload"; as=style, </assets/4a078c047e1176415eb2564ee3af9acdfc1e04e1.css>; rel="preload"; as=style, </assets/77aab087429106e94da50e8b463087605016af8b.css>; rel="preload"; as=style, </assets/9937353c88a01322398033fb7c53254b10337c46.css>; rel="preload"; as=style, </assets/91fb2846dc7e5169662505d78d161ae87d851c6c.css>; rel="preload"; as=style, </assets/0f494874ce4516918edaffe3a7c5229c6d3b7bf5.css>; rel="preload"; as=style, </assets/082334b7dc2673a1516b19978d0aaac176d4c0e6.js>; rel="preload"; as=script, </assets/67d22f4bba1b770e892e0325277ea54b95d5aff4.js>; rel="preload"; as=script, </assets/dfe6cd958afe536e46206bb9c43953259a38cc00.js>; rel="preload"; as=script |
strict-transport-security | max-age=31536000; includeSubDomains; preload |
vary | Accept-Encoding |
access-control-allow-headers | Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Access-Token, XKey, Authorization |
access-control-allow-methods | GET |
access-control-max-age | 1728000 |
nel | {"success_fraction":0,"report_to":"cf-nel","max_age":604800} |
permissions-policy | accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() |
report-to | {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55qBo7AJeH3K4IyLzXO%2BLx4y2Dj3zQT429nacnXc9jlhl8ZZttSRfDiTeHKGxLUx5WHjEapk%2BK2JFhKcuGP0ojmQXHsmZujYl594V4svaC9ISh4pjtso6g48mc9uYSwcuIktXj7O"}],"group":"cf-nel","max_age":604800} |
expect-ct | max-age=86400, enforce |
referrer-policy | same-origin |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-xss-protection | 1; mode=block |
server | cloudflare |
content-encoding | gzip |
alt-svc | h3=":443"; ma=86400 |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
access-control-allow-origin | The Access-Control-Allow-Origin header is used to configure CORS. |
---|---|
strict-transport-security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |
nel | Network Error Logging is a new header that instructs the browser to send reports during various network or application errors. You can sign up for a free account on Report URI to collect these reports. |
permissions-policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
report-to | Report-To enables the Reporting API. This allows a website to collect reports from the browser about various errors that may occur. You can sign up for a free account on Report URI to collect these reports. |
expect-ct | Expect-CT will soon be deprecated and can be removed. |
referrer-policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
x-content-type-options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
x-xss-protection | X-XSS-Protection sets the configuration for the XSS Auditor built into older browsers. The recommended value was "X-XSS-Protection: 1; mode=block" but you should now look at Content Security Policy instead. |
server | Server value has been changed. Typically you will see values like "Microsoft-IIS/8.0" or "nginx 1.7.2". |