Security Report Summary
C
Site: | https://www.ulethbridge.ca/ | ||
---|---|---|---|
IP Address: | 142.66.8.36 | ||
Report Time: | 31 Aug 2025 22:16:59 UTC | ||
Headers: |
|
||
Advanced: |
|
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|---|
Referrer-Policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Raw Headers
HTTP/1.1 | 200 OK |
---|---|
Server | nginx/1.22.1 |
Content-Type | text/html; charset=UTF-8 |
Cache-Control | max-age=31536000, public |
Date | Fri, 29 Aug 2025 21:17:19 GMT |
X-Drupal-Dynamic-Cache | UNCACHEABLE (poor cacheability) |
Content-language | en |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Last-Modified | Fri, 29 Aug 2025 21:17:18 GMT |
ETag | W/"1756502238" |
X-Generator | Drupal 10 (https://www.drupal.org) |
Purge-Cache-Tags | context_block_page group:1 group_menu_link_content-1 config:context.context.basic_ulethbridge_content_page group_view config:filter.format.full_html paragraph:52026 config:paragraphs.settings paragraph:52015 paragraph:55096 paragraph:56726 paragraph:56729 paragraph_view paragraph:52025 paragraph:42387 paragraph:25927 media_view media:35765 config:image.style.large file:228559 config:filter.format.filtered_html paragraph:52024 paragraph:35852 paragraph:25926 paragraph:52023 paragraph:25925 paragraph:52022 paragraph:25924 paragraph:43026 paragraph:25923 paragraph:52021 paragraph:25922 paragraph:25921 media:81725 file:240764 paragraph:25920 media:81724 config:image.style.editor_thumbnail file:240763 paragraph:25919 media:81723 file:240762 paragraph:52020 paragraph:35851 paragraph:25918 paragraph:52019 paragraph:35850 paragraph:25917 paragraph:52018 paragraph:25916 paragraph:52017 paragraph:25915 paragraph:37734 paragraph:35849 paragraph:35848 paragraph:25914 paragraph:25913 paragraph:52016 paragraph:25912 paragraph:37733 paragraph:35846 paragraph:35845 paragraph:35847 paragraph:25911 paragraph:58987 paragraph:58986 paragraph:58985 media:86169 file:246001 paragraph:55216 paragraph:55215 paragraph:55214 paragraph:60719 media:86162 file:245993 paragraph:56707 paragraph:56706 paragraph:56705 media:84768 config:responsive_image.styles.responsive_editor_full_width config:image.style.editor_medium config:image.style.editor_full_width config:image.style.editor_extra_large config:image.style.editor_large paragraph:56704 paragraph:56703 paragraph:56702 paragraph:56701 media:84772 node:25563 group_relationship_list:plugin:group_node:alumni_honour_society_inductee group_relationship_list:plugin:group_node:alumnus_of_the_year group_relationship_list:plugin:group_node:deadlines group_relationship_list:plugin:group_node:flexible_messaging_area group_relationship_list:plugin:group_node:grant_fund_received group_relationship_list:plugin:group_node:instructor group_relationship_list:plugin:group_node:personal_information_bank group_relationship_list:plugin:group_node:program_review group_relationship_list:plugin:group_node:program_undergraduate group_relationship_list:plugin:group_node:reference_document group_relationship_list:plugin:group_node:request_proposal group_relationship_list:plugin:group_node:research_award group_relationship_list:plugin:group_node:tabbed_content group_relationship_list:plugin:group_node:admission_requirements group_relationship_list:plugin:group_node:article group_relationship_list:plugin:group_node:award_opportunity group_relationship_list:plugin:group_node:degree_graduate group_relationship_list:plugin:group_node:document group_relationship_list:plugin:group_node:event_link group_relationship_list:plugin:group_node:external_award group_relationship_list:plugin:group_node:external_resource group_relationship_list:plugin:group_node:grants group_relationship_list:plugin:group_node:news_release group_relationship_list:plugin:group_node:obituary group_relationship_list:plugin:group_node:page group_relationship_list:plugin:group_node:profile group_relationship_list:plugin:group_node:program_graduate group_relationship_list:plugin:group_node:space group_relationship_list:plugin:group_node:supervisor group_relationship_list:plugin:group_node:webform node:25564 node:25565 group:99 group:82 node:25566 node:25567 node:25568 node:25569 group:126 node:25571 node:37318 node:25572 node:25573 node:25574 group:116 node:25575 group:91 node:60 node:25576 node:25577 node:25578 node:25579 node:25580 node:25581 node:25582 group:48 group:141 node:24278 config:system.menu.group_menu_link_content-1 CACHE_MISS_IF_UNCACHEABLE_HTTP_METHOD:form config:antibot.settings rendered http_response config:user.role.anonymous config:group_role_list config:group.role.department-anonymous flexible_permissions group_relationship_list:plugin:group_membership:entity:0 |
X-Drupal-Cache | MISS |
X-PHPAPP-P2-debug | php1 |
Content-Encoding | gzip |
Vary | Cookie, Accept-Encoding |
X-Varnish | 6491651 323948 |
Age | 176379 |
Via | 1.1 varnish (Varnish/7.1) |
Accept-Ranges | bytes |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Varnish-host | its-varnish01-p |
X-Varnish-debug-top | Orig Loc : |
X-Varnish-debug | https--www.ulethbridge.ca--/ |
X-Varnish-vcl_deliver-host | www.ulethbridge.ca |
Content-Length | 16996 |
Connection | keep-alive |
Set-Cookie | BIGipServervarnish-prod_and_staging=3389407886.49431.0000; path=/; Httponly; Secure |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
Server | This Server header seems to advertise the software being run on the server but you can remove or change this value. |
---|---|
X-Content-Type-Options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
X-Frame-Options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
Strict-Transport-Security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |