Security Report Summary
B
Site: | https://christianitynewsdaily.com/ | ||
---|---|---|---|
IP Address: | 2606:4700:3035::ac43:d5ec | ||
Report Time: | 04 May 2024 04:26:02 UTC | ||
Headers: |
|
||
Advanced: |
|
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|---|
Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Raw Headers
HTTP/2 | 200 |
---|---|
date | Sat, 04 May 2024 04:26:02 GMT |
content-type | text/html; charset=UTF-8 |
vary | Accept-Encoding |
x-wp-cf-super-cache | cache |
x-wp-cf-super-cache-active | 1 |
x-wp-cf-super-cache-cache-control | s-maxage=31536000, max-age=60 |
x-wp-cf-super-cache-cookies-bypass | swfpc-feature-not-enabled |
referrer-policy | same-origin |
referrer-policy | same-origin |
x-cache-age | 51143 |
pragma | no-cache |
x-frame-options | SAMEORIGIN |
x-content-type-options | nosniff |
x-xss-protection | 1; mode=block |
x-permitted-cross-domain-policies | master-only |
x-page-speed | 1 |
link | </wp-includes/css/dist/block-library/A.style.min.css,qver=6.5.2.pagespeed.cf.gLkW9J2ngS.css>; rel=preload; as=style; nopush |
link | </wp-content/plugins/contact-form-7/includes/css/A.styles.css,qver=5.9.3.pagespeed.cf.bkX63Rfd0q.css>; rel=preload; as=style; nopush |
link | </wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.21.4>; rel=preload; as=style; nopush |
link | </wp-content/plugins/elementor/assets/lib/swiper/v8/css/A.swiper.min.css,qver=8.4.5.pagespeed.cf.1sMgTZG5nO.css>; rel=preload; as=style; nopush |
link | </wp-content/uploads/elementor/css/A.global.css,qver=1714731763.pagespeed.cf.I4up8oNHs5.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/css/A.bootstrap.css,qver=6.5.2.pagespeed.cf.qKjTg7JPiB.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsgine/A.style.css,qver=6.5.2.pagespeed.cf._mEiXuujLN.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/css/font-awesome/css/A.all.min.css,qver=6.5.2.pagespeed.cf.AmVeCFEAWm.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/css/font-awesome/css/A.v4-shims.min.css,qver=6.5.2.pagespeed.cf.vbMUSw2hzh.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/css/A.jquery.smartmenus.bootstrap.css,qver=6.5.2.pagespeed.cf.o6zryBcmOg.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/inc/ansar/customize/css/A.customizer.css,qver=1.0.pagespeed.cf.jQVSk1r1OO.css>; rel=preload; as=style; nopush |
link | </wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.18>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsup/A.style.css,qver=6.5.2.pagespeed.cf.fb90tZfF7a.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsgine/A.style.css,qver=1.0.pagespeed.cf._mEiXuujLN.css>; rel=preload; as=style; nopush |
link | </wp-content/themes/newsgine/css/colors/A.default.css,qver=6.5.2.pagespeed.cf.3xubM2UoAD.css>; rel=preload; as=style; nopush |
link | </wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel=preload; as=script; nopush |
link | </wp-content/themes/newsup/js/bootstrap.js?ver=6.5.2>; rel=preload; as=script; nopush |
link | </wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3>; rel=preload; as=script; nopush |
link | </wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3>; rel=preload; as=script; nopush |
link | </wp-content/plugins/visual-footer-credit-remover/script.js?ver=6.5.2>; rel=preload; as=script; nopush |
link | </wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.18>; rel=preload; as=script; nopush |
link | </wp-content/themes/newsup/js/custom.js?ver=6.5.2>; rel=preload; as=script; nopush |
link | </wp-content/themes/newsup/js/custom-time.js?ver=6.5.2>; rel=preload; as=script; nopush |
cache-control | max-age=0, no-cache, no-store |
cf-cache-status | BYPASS |
report-to | {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9DoFWkh8X3sXKrMkEG4NWpz%2Fb2PGIKEHQGbhhRqbKNVng1suVW0XSZC0frfhdIlaPcq9fY%2Fqy61fPit7OoILH%2FsRQzuInt54OWjPpA32P3GP18TtHebTLbtcz7TUjErSeG0Mm%2FHRnH0IUrEK6t7LX44XO3Ia3mHQ"}],"group":"cf-nel","max_age":604800} |
nel | {"success_fraction":0,"report_to":"cf-nel","max_age":604800} |
strict-transport-security | max-age=7776000 |
server | cloudflare |
cf-ray | 87e5baf468ae6429-SJC |
content-encoding | gzip |
alt-svc | h3=":443"; ma=86400 |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
referrer-policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
---|---|
referrer-policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
x-content-type-options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
x-xss-protection | X-XSS-Protection sets the configuration for the XSS Auditor built into older browsers. The recommended value was "X-XSS-Protection: 1; mode=block" but you should now look at Content Security Policy instead. |
x-page-speed | X-Page-Speed provides the version number of the Google PageSpeed module. The default value seems to have been changed but the header could still be removed. |
report-to | Report-To enables the Reporting API. This allows a website to collect reports from the browser about various errors that may occur. You can sign up for a free account on Report URI to collect these reports. |
nel | Network Error Logging is a new header that instructs the browser to send reports during various network or application errors. You can sign up for a free account on Report URI to collect these reports. |
strict-transport-security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |
server | Server value has been changed. Typically you will see values like "Microsoft-IIS/8.0" or "nginx 1.7.2". |