Security Report Summary
B
Site: | https://calendly.com/websohbet/sohbet | ||
---|---|---|---|
IP Address: | 2606:4700:4400::ac40:9251 | ||
Report Time: | 27 Apr 2024 14:01:54 UTC | ||
Headers: |
|
||
Advanced: |
|
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|---|
Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Raw Headers
HTTP/2 | 200 |
---|---|
date | Sat, 27 Apr 2024 14:01:54 GMT |
content-type | text/html; charset=utf-8 |
cf-ray | 87af58e07f316895-SJC |
cf-cache-status | DYNAMIC |
cache-control | max-age=0, private, must-revalidate |
link | <https://assets.calendly.com/assets/booking/css/booking-4c546456.css>; rel=preload; as=style; nopush |
set-cookie | _calendly_session=7UXNvWD44wVrBjByolgaXBepMpCLiX5tossanGWNkb4ky7mSnzWi5jTztSAqTWGHTN38Eqed5nNyDe4xU8fBEeXmRQIKegjDhzi4TELn%2Fa11sBIwPurSbtWMaErtuFgYLd0GGV26IOIvv1jfkX3dRb%2BcNaQbqNOtBtHv3mtzoA9nrL7Kjg1FaBmcXloqjcg7hGuDBSiXxYIbxep4sccTFFyYyTVtubCACFGeKzHnimH244kQBFEGzuafefkVbayX6tf6p1mp8E1Hc8tRxeN8Az24xdeQKpOHa27osJUmmfs2j8mSr%2FKkOpk6OcMAf9Qht8%2FHleoalVkndgrwbmaZW%2F73zuprBiVdVO%2FAu%2FNR82yeLeg%2B%2BMMd586GDYjl3a0KOHwmmoJB5g7JvyODiDwP5VG2%2BftMZA3F2Xu2g7opz63dMFKLUUDxFmkZyNb%2FcP911RYVaKUs9dwxQHaEju1Y8Wgf7zCacUaL4xIYhsKndy4J4Us3v21%2FJQfW2zG%2Fhz%2FBfCb1HY2kg%2Ft7c%2BCpkJK2q3fdlG%2FpndlIl219NRTQO5zX%2BLZjOFi2LfS6E5QLdACavNhv0Zv0ksxP7f3sntnc0xhVCR4wgOPqzkMvskS71G8G1AlwJYTv--6QTezRW7bJ4B4fPr--KYGNTx1SCp3vJpIhsFyqtQ%3D%3D; path=/; expires=Sat, 18 May 2024 14:01:54 GMT; secure; HttpOnly; SameSite=Lax |
strict-transport-security | max-age=31536000; includeSubDomains; preload |
referrer-policy | strict-origin-when-cross-origin |
x-content-type-options | nosniff |
x-frame-options | ALLOWALL |
x-request-id | 6564b7c21b48ef372f37f78ff9ba3c14 |
x-runtime | 0.380087 |
vary | Accept-Encoding |
set-cookie | __cf_bm=aSYfAa1feQgl8ZNt54Iofc5d1kDWJi8G_AiMwbKubbg-1714226514-1.0.1.1-rsMvxuqRhGxMbX7mv0cVZEAPg3yfQSjXcL0flLDlZjpQS3dA.LjlI6W6hScjeXHZhCUVCobvf3C6._G3rz1rCg; path=/; expires=Sat, 27-Apr-24 14:31:54 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None |
set-cookie | __cfruid=bfeb1b6c7d686adf3a81ce5fce868f5cf4a5c5ff-1714226514; path=/; domain=.calendly.com; HttpOnly; Secure; SameSite=None |
server | cloudflare |
content-encoding | gzip |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
set-cookie | There is no Cookie Prefix on this cookie. |
---|---|
strict-transport-security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |
referrer-policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
x-content-type-options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
server | Server value has been changed. Typically you will see values like "Microsoft-IIS/8.0" or "nginx 1.7.2". |