Scan results for http://youngtinysex.com

Security Report Summary

R

Redirect:	Click here to follow the redirect to https://bratsorry.com/a/?h=eW91bmd0aW55c2V4LmNvbQ%3D%3D&r=aHR0cHM6Ly9zZWN1cml0eWhlYWRlcnMuY29tLw%3D%3D&u=Lw%3D%3D.
Site:	http://youngtinysex.com/ - (Scan again over https)
IP Address:	162.254.189.112
Report Time:	28 Mar 2023 04:55:13 UTC
Headers:	Content-Security-Policy X-Frame-Options X-Content-Type-Options Referrer-Policy Permissions-Policy
Warning:	Grade capped at A, please see warnings below.

Supported By

Probely

Perform a deeper security analysis of your website and APIs:

Raw Headers

HTTP/1.1	302 Found
Server	nginx/1.20.1
Date	Tue, 28 Mar 2023 04:55:12 GMT
Content-Type	text/html; charset=UTF-8
Transfer-Encoding	chunked
Connection	keep-alive
Count-Hit	done
Set-Cookie	437856108594a13ff2bda8b97ab24456=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie	4b0a24b6443d5ec8a99ccb48efe3203d=notrade; expires=Wed, 29-Mar-2023 04:55:12 GMT; Max-Age=86400; path=/
Set-Cookie	dda3f86b53953c9e17de19c5ad298db2=notrade; expires=Wed, 29-Mar-2023 04:55:12 GMT; Max-Age=86400; path=/
Set-Cookie	fa204db6f49bf9eab58755d7aa538417=1679979312; expires=Wed, 29-Mar-2023 04:55:12 GMT; Max-Age=86400; path=/
Set-Cookie	3d52d7265447654e59e9ad436550b397=1; expires=Wed, 29-Mar-2023 04:55:12 GMT; Max-Age=86400; path=/
Set-Cookie	pageold=true; expires=Tue, 19-Jan-2038 03:14:07 GMT; Max-Age=467504335
Location	https://bratsorry.com/a/?h=eW91bmd0aW55c2V4LmNvbQ%3D%3D&r=aHR0cHM6Ly9zZWN1cml0eWhlYWRlcnMuY29tLw%3D%3D&u=Lw%3D%3D

Missing Headers

Content-Security-Policy	Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets.
X-Frame-Options	X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN".
X-Content-Type-Options	X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".
Referrer-Policy	Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites.
Permissions-Policy	Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.

Warnings

Site is using HTTP	This site was served over HTTP and did not redirect to HTTPS.

Upcoming Headers

Cross-Origin-Embedder-Policy	Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP.
Cross-Origin-Opener-Policy	Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser.
Cross-Origin-Resource-Policy	Cross-Origin Resource Policy allows a resource owner to specify who can load the resource.

Additional Information

Server	This Server header seems to advertise the software being run on the server but you can remove or change this value.

A scotthelme.co.uk project - CC-BY-SA 4.0