Login

Security Headers Test

 HomeToolsSecurity Headers Test

205394

Total Scans

116202

High Risk Sites

88195

Medium Risk Sites

997

Low Risk Sites


Test For Security Headers & Get Instant Scan Report



Security Report Summary

Risk Level
Low
Site https://apfulfilment.com/
IP Address 185.199.220.83
Headers Information STRICT-TRANSPORT-SECURITY PERMISSIONS-POLICY X-FRAME-OPTIONS CONTENT-SECURITY-POLICY X-CONTENT-TYPE-OPTIONS X-XSS-PROTECTION REFERRER-POLICY X-PERMITTED-CROSS-DOMAIN-POLICIES
Date/Time Nov. 18, 2024, 2:02 a.m.
Re-Scan

Available Security Headers

STRICT-TRANSPORT-SECURITY
Ensures HTTPS-only access.
PERMISSIONS-POLICY
Restricts feature access.
X-FRAME-OPTIONS
Prevents clickjacking.
CONTENT-SECURITY-POLICY
Protects from XSS.
X-CONTENT-TYPE-OPTIONS
Prevents MIME-type sniffing.
X-XSS-PROTECTION
Blocks XSS attacks.
REFERRER-POLICY
Controls Referer header.
X-PERMITTED-CROSS-DOMAIN-POLICIES
Manages cross-domain requests.

Raw Headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
last-modified
Sun, 17 Nov 2024 13:35:34 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
expires
Sun, 17 Nov 2024 20:32:33 GMT
date
Sun, 17 Nov 2024 20:32:33 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Authorization
content-security-policy
upgrade-insecure-requests;
cross-origin-embedder-policy
unsafe-none; report-to='default'
cross-origin-embedder-policy-report-only
unsafe-none; report-to='default'
cross-origin-opener-policy
unsafe-none
cross-origin-opener-policy-report-only
unsafe-none; report-to='default'
cross-origin-resource-policy
cross-origin
permissions-policy
interest-cohort=(), window-management=(), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-security-policy
default-src 'self'; img-src *; media-src * data:;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

High Risk Sites

Medium Risk Sites

Low Risk Sites

Other Tools

Web Scanners

Malicious URL Test

Run Test
Web Scanners

Malicious IP Test

Run Test
Web Scanners

Website Security Test

Run Test
Web Scanners

Reconnaissance

Run Test
Web Scanners

SSL Security Test

Run Test
Web Scanners

Wordpress Test

Run Test