Security Report Summary
C
Site: | https://www.viki.com/users/cccasino70_402/about | ||
---|---|---|---|
IP Address: | 34.102.157.214 | ||
Report Time: | 18 May 2024 07:33:33 UTC | ||
Headers: |
|
||
Advanced: |
|
Missing Headers
Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
---|---|
Referrer-Policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Warnings
Status code indicates error | The status code of the response indicates an error. Not all headers may be set when the response is an error. |
---|
Raw Headers
HTTP/2 | 404 |
---|---|
date | Sat, 18 May 2024 07:33:33 GMT |
content-type | text/html; charset=utf-8 |
x-dns-prefetch-control | off |
x-frame-options | SAMEORIGIN |
x-download-options | noopen |
x-content-type-options | nosniff |
x-xss-protection | 1; mode=block |
set-cookie | uuid=9a62680b-1afb-4468-a4b6-1ec82153e8dd; Max-Age=31536000; Domain=.viki.com; Path=/; Expires=Sun, 18 May 2025 07:33:33 GMT |
set-cookie | locale=en; Domain=.viki.com; Path=/; Expires=Sun, 18 May 2025 07:33:33 GMT; SameSite=Strict |
set-cookie | variation_ids=c6681f6d%2C723e62cb%2Cfab7128e%2Ce7a825af%2Cd1cbe40c%2Cbb0537fb%2C67cd02ea%2C80e5b0e4%2Cc742b75f%2C7c49a0d4%2Ce4d457c5%2C111639e3%2C4733fa3a%2C5f0b5a4a%2Ca2ef8173%2Ce76e3108%2C3dd62b0b%2C129f83f4%2C1ffe2691%2C021fd6ef%2Cb7f42abb%2Cbca6f9c7%2C6780ed90%2C2fea9621%2C06f131ca%2C7dff159e%2C8fbd16ea%2Cab3fc7f2%2Cf0767e2a%2C9338473c%2C41ebc09e%2C1b949605%2Ca8bc56a1%2C4dbd6bec%2C27045373%2Cebbb896c%2Ca8185a26%2C48cb10bc%2Cdb9a2a13%2C909d713d%2C492c05c6%2Cc6865027%2C070fa4c3%2C83d23f6b%2C6a2ed51b%2C5b83dec0%2C49280371%2C37560fdd%2C79a3665a%2C699af946%2Ce4eb71cf%2C9098e1bb%2Cf521146d%2Cc26fc70b%2C31f32bf1%2Ce456012e%2C4f085904%2C5902aa44%2Ceaad50c1%2C0f9f384d%2C4cbcd3f2%2C6162e135%2Cc3f351b1%2Cde83d978%2C41484f84%2Cc9042ed4%2Cdd9709f0%2Cda3ce17a%2C9a92929e%2C2f39a574%2Cbf466b2e%2Ce0eb4d2d%2C992647c1%2C309f2e17%2Cc229fdfd%2C111fd5bb%2C90517576%2C54b9a602%2Ce801b3df%2Cbe137962%2Cface36d9%2C988260b9%2Ce201b62f%2C4e5479ee%2Cbf7a5b12%2Cdc160645%2C69410275%2Cef9db453%2C5805f5a6%2C0fba77ad%2C1180b7e1%2Cd98615b6%2Ce7f0d7bf%2C6e73fa86%2C6f7528cb%2C6a0ba5bf%2C2ee7ba89%2Cd7d46a90%2Ca426cf48%2C94188b27%2C4186f7d4%2C5ff4f38e%2C3131b242%2C3fc2a687%2C864179b7%2Cf91dace5%2C1e9296fc%2C8848a656%2C33f3288b%2Cb4051093%2Cd6bf88e9%2C5a837656%2Cbdc2d004%2C092b4634%2Cf9862551%2Cc340eddf%2Cf93c585e%2C3dd23813%2C2072298a%2Cc63df01b%2Cb582ed29%2C904de017%2Cc1c61ead%2Cd9de428f%2C765bed21%2C2290d1e5%2C3d94e2d8%2C851eb111%2Cb1514f6a%2C80a71eeb%2C9043d8c6%2C3ebdd627%2C1f80d3f2%2Cf250f8d8%2C64499930%2C17050a5e%2C520faf1f%2C9df5d8d3%2Cda717cb3%2C2c3dacb1%2C3e9df74f%2Ccfc37791%2Ca274e2d1%2C3fb52845%2Cc0b7493a%2C03420fb4%2C31bcc316%2C8c05771f%2C45829611; Max-Age=300; Domain=.viki.com; Path=/; Expires=Sat, 18 May 2024 07:38:33 GMT |
content-language | en |
etag | "27c97-3jjLCQ0xGDY1/TI44gHaEZ1bgPM" |
cache-control | private, no-cache, no-store, max-age=0, must-revalidate |
vary | Accept-Encoding |
content-encoding | gzip |
via | 1.1 google |
strict-transport-security | max-age=31536000; includeSubDomains |
alt-svc | h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 |
Upcoming Headers
Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
---|---|
Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
x-frame-options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
---|---|
x-content-type-options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
x-xss-protection | X-XSS-Protection sets the configuration for the XSS Auditor built into older browsers. The recommended value was "X-XSS-Protection: 1; mode=block" but you should now look at Content Security Policy instead. |
strict-transport-security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |