https://www.gledajcrtace.xyz/

Scan ID:: 89342576-059a-4683-af88-75c377e88e41Finished
Submitted URL:: https://www.gledajcrtace.xyz/
Report Finished:: Sep 26, 2024, 21:34:48

Risks · 0 foundPractices that may pose security risks
No classification
Security Headers · 2 foundHTTP response headers that can harden the security of a web application
Learn more...
NameValueSupportInfo
Strict-Transport-Security—GoodDeclare that a website is only accessible over a secure connection (HTTPS).

Click to learn more...
X-Frame-Options—GoodIndicate whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>.

Click to learn more...
X-Content-Type-OptionsnosniffGoodIndicate that the MIME types advertised in the Content-Type headers should be followed and not be changed.

Click to learn more...
Content-Security-Policy—GoodControl resources the user agent is allowed to load for a given page.

Click to learn more...
Referrer-Policy—GoodControl how much referrer information should be included with requests.

Click to learn more...
Clear-Site-Data—GoodControl the data stored by a client browser for their origins.

Click to learn more...
X-Permitted-Cross-Domain-Policies—GoodControl whether a web client such as Adobe Flash Player or Adobe Acrobat has permission to handle data across domains.

Click to learn more...
Permissions-Policy—NewAllow and deny the use of browser features in a document or iframe.

Click to learn more...
Cross-Origin-Embedder-Policy—NewConfigure embedding cross-origin resources into the document.

Click to learn more...
Cross-Origin-Opener-Policy—NewEnsure a top-level document does not share a browsing context group with cross-origin documents.

Click to learn more...
Cross-Origin-Resource-Policy—NewRequest that the browser blocks no-cors cross-origin/cross-site requests to the given resource.

Click to learn more...
X-XSS-Protection1; mode=blockDeprecatedDeprecated. Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

Click to learn more...
Feature-Policy—DeprecatedDeprecated. Replaced by the Permissions-Policy header.

Click to learn more...
Expect-CT—DeprecatedDeprecated. Opt in to reporting and/or enforcement of Certificate Transparency requirements.

Click to learn more...
Public-Key-Pins—DeprecatedDeprecated. Allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.

Click to learn more...
Security Violations · 5 foundRequests or resources offending security policies
ViolationTypeInfo
Resourcehttps://www.gledajcrtace.xyz/
DescriptionMixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,400italic,700'. This request has been blocked; the content must be served over HTTPS.
Mixed ContentBlock unencrypted content from loading in an encrypted page.

Click to learn more...
Resourcehttps://www.gledajcrtace.xyz/
DescriptionMixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700'. This request has been blocked; the content must be served over HTTPS.
Mixed ContentBlock unencrypted content from loading in an encrypted page.

Click to learn more...
Resourcehttps://www.gledajcrtace.xyz/
DescriptionMixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,400italic,700'. This request has been blocked; the content must be served over HTTPS.
Mixed ContentBlock unencrypted content from loading in an encrypted page.

Click to learn more...
Resourcehttps://www.gledajcrtace.xyz/
DescriptionMixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700'. This request has been blocked; the content must be served over HTTPS.
Mixed ContentBlock unencrypted content from loading in an encrypted page.

Click to learn more...
Resourcehttps://www.gledajcrtace.xyz/
DescriptionMixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_UK/all.js'. This request has been blocked; the content must be served over HTTPS.
Mixed ContentBlock unencrypted content from loading in an encrypted page.

Click to learn more...
Certificates · 19 foundSSL/TLS Certificates enable websites to encrypt transactions between the client and the server and provide server identity verification
SubjectIssue dateExpiry date
gledajcrtace.xyzSep 15, 2024, 13:38:07Dec 14, 2024, 13:38:06
*.blogger.comAug 26, 2024, 06:32:45Nov 18, 2024, 06:32:44
*.g.doubleclick.netAug 26, 2024, 06:33:44Nov 18, 2024, 06:33:43
*.cloudfront.netJul 30, 2024, 00:00:00Jul 3, 2025, 23:59:59
upload.video.google.comAug 26, 2024, 07:12:45Nov 18, 2024, 07:12:44
misc-sni.blogspot.comAug 26, 2024, 06:56:14Nov 18, 2024, 06:56:13
*.google.comAug 26, 2024, 06:33:47Nov 18, 2024, 06:33:46
ukankingwithea.comSep 5, 2024, 11:45:15Dec 4, 2024, 11:45:14
*.googleusercontent.comAug 26, 2024, 07:12:09Nov 18, 2024, 07:12:08
*.google-analytics.comAug 26, 2024, 06:33:47Nov 18, 2024, 06:33:46
Page 1 of 2

Name	Value	Support	Info
Strict-Transport-Security	—	Good	Declare that a website is only accessible over a secure connection (HTTPS). Click to learn more...
X-Frame-Options	—	Good	Indicate whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Click to learn more...
X-Content-Type-Options	nosniff	Good	Indicate that the MIME types advertised in the Content-Type headers should be followed and not be changed. Click to learn more...
Content-Security-Policy	—	Good	Control resources the user agent is allowed to load for a given page. Click to learn more...
Referrer-Policy	—	Good	Control how much referrer information should be included with requests. Click to learn more...
Clear-Site-Data	—	Good	Control the data stored by a client browser for their origins. Click to learn more...
X-Permitted-Cross-Domain-Policies	—	Good	Control whether a web client such as Adobe Flash Player or Adobe Acrobat has permission to handle data across domains. Click to learn more...
Permissions-Policy	—	New	Allow and deny the use of browser features in a document or iframe. Click to learn more...
Cross-Origin-Embedder-Policy	—	New	Configure embedding cross-origin resources into the document. Click to learn more...
Cross-Origin-Opener-Policy	—	New	Ensure a top-level document does not share a browsing context group with cross-origin documents. Click to learn more...
Cross-Origin-Resource-Policy	—	New	Request that the browser blocks no-cors cross-origin/cross-site requests to the given resource. Click to learn more...
X-XSS-Protection	1; mode=block	Deprecated	Deprecated. Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Click to learn more...
Feature-Policy	—	Deprecated	Deprecated. Replaced by the Permissions-Policy header. Click to learn more...
Expect-CT	—	Deprecated	Deprecated. Opt in to reporting and/or enforcement of Certificate Transparency requirements. Click to learn more...
Public-Key-Pins	—	Deprecated	Deprecated. Allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates. Click to learn more...

Violation	Type	Info
Resource https://www.gledajcrtace.xyz/ Description Mixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,400italic,700'. This request has been blocked; the content must be served over HTTPS.	Mixed Content	Block unencrypted content from loading in an encrypted page. Click to learn more...
Resource https://www.gledajcrtace.xyz/ Description Mixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700'. This request has been blocked; the content must be served over HTTPS.	Mixed Content	Block unencrypted content from loading in an encrypted page. Click to learn more...
Resource https://www.gledajcrtace.xyz/ Description Mixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,400italic,700'. This request has been blocked; the content must be served over HTTPS.	Mixed Content	Block unencrypted content from loading in an encrypted page. Click to learn more...
Resource https://www.gledajcrtace.xyz/ Description Mixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700'. This request has been blocked; the content must be served over HTTPS.	Mixed Content	Block unencrypted content from loading in an encrypted page. Click to learn more...
Resource https://www.gledajcrtace.xyz/ Description Mixed Content: The page at 'https://www.gledajcrtace.xyz/' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_UK/all.js'. This request has been blocked; the content must be served over HTTPS.	Mixed Content	Block unencrypted content from loading in an encrypted page. Click to learn more...

Subject	Issue date	Expiry date
gledajcrtace.xyz	Sep 15, 2024, 13:38:07	Dec 14, 2024, 13:38:06
*.blogger.com	Aug 26, 2024, 06:32:45	Nov 18, 2024, 06:32:44
*.g.doubleclick.net	Aug 26, 2024, 06:33:44	Nov 18, 2024, 06:33:43
*.cloudfront.net	Jul 30, 2024, 00:00:00	Jul 3, 2025, 23:59:59
upload.video.google.com	Aug 26, 2024, 07:12:45	Nov 18, 2024, 07:12:44
misc-sni.blogspot.com	Aug 26, 2024, 06:56:14	Nov 18, 2024, 06:56:13
*.google.com	Aug 26, 2024, 06:33:47	Nov 18, 2024, 06:33:46
ukankingwithea.com	Sep 5, 2024, 11:45:15	Dec 4, 2024, 11:45:14
*.googleusercontent.com	Aug 26, 2024, 07:12:09	Nov 18, 2024, 07:12:08
*.google-analytics.com	Aug 26, 2024, 06:33:47	Nov 18, 2024, 06:33:46