Security Report Summary
D
Site: | https://www.scarpelove.it/en/ |
---|---|
IP Address: | 212.35.217.209 |
Report Time: | 18 May 2024 17:16:23 UTC |
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|---|
X-Frame-Options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN". |
X-Content-Type-Options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
Referrer-Policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Raw Headers
HTTP/2 | 200 |
---|---|
server | nginx |
date | Sat, 18 May 2024 17:16:22 GMT |
content-type | text/html; charset=utf-8 |
vary | Accept-Encoding |
set-cookie | PrestaShop-a7fb587b52867882750d36e81f3051cf=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; expires=Fri, 07-Jun-2024 17:16:20 GMT; Max-Age=1728000; path=/; domain=www.scarpelove.it; secure; HttpOnly; SameSite=Lax |
set-cookie | PHPSESSID=ngk4t0qas00eunn4rloai5r33q; expires=Mon, 24-Oct-2078 10:32:41 GMT; Max-Age=1717780580; path=/; secure; HttpOnly; SameSite=Lax |
expires | Thu, 19 Nov 1981 08:52:00 GMT |
cache-control | no-store, no-cache, must-revalidate |
pragma | no-cache |
set-cookie | PrestaShop-a7fb587b52867882750d36e81f3051cf=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; expires=Fri, 07-Jun-2024 17:16:20 GMT; Max-Age=1727999; path=/; domain=www.scarpelove.it; secure; HttpOnly; SameSite=Lax |
set-cookie | PrestaShop-a7fb587b52867882750d36e81f3051cf=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; expires=Fri, 07-Jun-2024 17:16:20 GMT; Max-Age=1727998; path=/; domain=www.scarpelove.it; secure; HttpOnly; SameSite=Lax |
strict-transport-security | max-age=31536000; includeSubDomains |
content-encoding | gzip |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
server | This Server header seems to advertise the software being run on the server but you can remove or change this value. |
---|---|
set-cookie | There is no Cookie Prefix on this cookie. |
strict-transport-security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |