Security Report Summary
D
| Site: | https://www.cableman.ru:443/ | ||
|---|---|---|---|
| IP Address: | 195.42.181.225 | ||
| Report Time: | 07 May 2024 14:30:34 UTC | ||
| Headers: |
|
||
| Advanced: |
|
Missing Headers
| Strict-Transport-Security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. Recommended value "Strict-Transport-Security: max-age=31536000; includeSubDomains". |
|---|---|
| Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
| Referrer-Policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
| Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Warnings
| X-Frame-Options | There was a duplicate X-Frame-Options header. |
|---|
Raw Headers
| HTTP/2 | 200 |
|---|---|
| server | nginx |
| content-type | text/html; charset=UTF-8 |
| vary | Accept-Encoding |
| cache-control | max-age=86400, public |
| date | Tue, 07 May 2024 14:24:58 GMT |
| x-drupal-dynamic-cache | UNCACHEABLE |
| x-ua-compatible | IE=edge |
| content-language | ru |
| x-content-type-options | nosniff |
| x-frame-options | SAMEORIGIN |
| x-drupal-cache-tags | block_content:17 block_content_view block_view block_visibility_group:skyscraper_2 config:block.block.bloksfonomdlyaglavnoy config:block.block.bloksfonomdlyaglavnoy_2 config:block.block.firstcentral config:block.block.firstcentral_2 config:block.block.initlab_cab_account_menu config:block.block.initlab_cab_breadcrumbs config:block.block.initlab_cab_content config:block.block.initlab_cab_help config:block.block.initlab_cab_main_menu config:block.block.initlab_cab_messages config:block.block.initlab_cab_page_title config:block.block.initlab_cab_powered config:block.block.initlab_cab_primary_admin_actions config:block.block.initlab_cab_search_form_narrow config:block.block.initlab_cab_search_form_wide config:block.block.initlab_cab_secondary_local_tasks config:block.block.initlab_cab_site_branding config:block.block.initlab_cab_syndicate config:block.block.largeleaderboard config:block.block.leaderboardmobile config:block.block.neboskreb config:block.block.newsletterfooter config:block.block.newsletterheader config:block.block.newslettermiddle config:block.block.primarylinks config:block.block.primarylinks_2 config:block.block.primarylinksbottom config:block.block.pryamougolnik config:block.block.pryamougolnik_2 config:block.block.raskrytayaformaanonsy_programm_telekanalovpage_1 config:block.block.raskrytayaformachannel_catalogpage_1 config:block.block.raskrytayaformasearchpage_1 config:block.block.raskrytayaformasearchpage_1_2 config:block.block.rectanglefooter config:block.block.rectangleheader config:block.block.secondcentral config:block.block.secondcentral_2 config:block.block.secondcolumn2 config:block.block.secondcolumn2mobile config:block.block.skyscraper2 config:block.block.skyscraper2_2 config:block.block.skyscraper2mobile config:block.block.skyscraper2mobile_2 config:block.block.skyscrapermobile config:block.block.spisokliderov config:block.block.tabs config:block.block.topmenu config:block.block.views_block__anonsy_programm_telekanalov_block_1 config:block.block.views_block__articles_block_1 config:block.block.views_block__blogs_block_1 config:block.block.views_block__blogs_block_2 config:block.block.views_block__channel_news_block_1 config:block.block.views_block__channel_news_block_2 config:block.block.views_block__content_list_by_author_block_1 config:block.block.views_block__gallery_block_1 config:block.block.views_block__news_block_1 config:block.block.views_block__news_block_2 config:block.block.views_block__reportage_block_1 config:block.block.vsepravazaschischeny config:block_list config:block_visibility_groups.block_visibility_group.skyscraper_2 config:field.storage.node.field_author_photo config:field.storage.node.field_erid config:field.storage.node.field_rubrika config:field.storage.node.field_teaser config:filter.format.full_html config:filter.format.twig config:image.style.60_60_crop config:printable.settings config:search.settings config:system.menu.account config:system.menu.menu-top-menu config:system.menu.primary-links config:system.menu.primary-links-bottom config:system.site config:user.role.anonymous config:views.view.anonsy_programm_telekanalov config:views.view.articles config:views.view.blogs config:views.view.channel_news config:views.view.news file:10642 file:25467 file:27197 file:27293 file:27854 file:28715 file:29113 file:83 http_response node:1 node:11581 node:2 node:2139 node:42148 node:458 node:63802 node:73045 node:75905 node:76085 node:76086 node:76116 node:76951 node:77471 node:77752 node:78450 node:78805 node:78806 node:78867 node:78952 node:79124 node:79142 node:79175 node:79181 node:79241 node:79250 node:79253 node:79273 node:79322 node:79347 node:79377 node:79418 node:79434 node:79462 node:79463 node:79464 node:79465 node:79466 node:79467 node:79468 node:79470 node:79473 node:79474 node:79476 node:79477 node:79480 node:79481 node:79482 node:79483 node:79487 node:79488 node:79489 node:79492 node:79495 node:79496 node_list node_view rendered taxonomy_term:1 taxonomy_term:11 taxonomy_term:2 taxonomy_term:3194 taxonomy_term:7 taxonomy_term:8503 taxonomy_term:8504 taxonomy_term:8506 taxonomy_term:8507 taxonomy_term:8509 taxonomy_term:8511 taxonomy_term:8512 taxonomy_term:8515 taxonomy_term:8516 taxonomy_term:8524 taxonomy_term:8531 taxonomy_term:8533 taxonomy_term:8536 taxonomy_term:8541 taxonomy_term:8553 user:0 user:11132 user:11269 |
| x-drupal-cache-contexts | cookies:big_pipe_nojs languages:language_content languages:language_interface route session.exists session.is_masquerading theme timezone url user |
| x-drupal-cache-max-age | 0 (Uncacheable) |
| expires | Sun, 19 Nov 1978 05:00:00 GMT |
| last-modified | Tue, 07 May 2024 14:24:57 GMT |
| etag | W/"1715091897" |
| vary | Cookie |
| x-xss-protection | 1; mode=block |
| x-frame-options | ALLOW |
| x-content-options | nosniff |
| content-encoding | gzip |
Upcoming Headers
| Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
|---|---|
| Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
| Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
| server | This Server header seems to advertise the software being run on the server but you can remove or change this value. |
|---|---|
| x-content-type-options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
| x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
| x-xss-protection | X-XSS-Protection sets the configuration for the XSS Auditor built into older browsers. The recommended value was "X-XSS-Protection: 1; mode=block" but you should now look at Content Security Policy instead. |
| x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |