https://www.onlinegdb.com/cgpeHFiQx

风险 · 找到 0 个

Copy link

可能带来安全风险的做法

  • 无分类

安全标头 · 找到 0 个

Copy link

可以增强 Web 应用程序安全性的 HTTP 响应标头

了解更多...
  • 未设置
名称支持信息
Strict-Transport-Security良性声明只能通过安全连接 (HTTPS) 访问网站。

单击可了解更多信息...
X-Frame-Options良性表明是否允许浏览器在 <frame>、<iframe>、<embed> 或 <object> 中渲染页面。

单击可了解更多信息...
X-Content-Type-Options良性表明应该遵循 Content-Type 标头中公布的 MIME 类型,并且不得进行更改。

单击可了解更多信息...
Content-Security-Policy良性控制允许用户代理为指定页面加载的资源。

单击可了解更多信息...
Referrer-Policy良性控制请求中应该包含多少引荐者信息。

单击可了解更多信息...
Clear-Site-Data良性控制客户端浏览器为来源服务器存储的数据。

单击可了解更多信息...
X-Permitted-Cross-Domain-Policies良性控制 Web 客户端(例如 Adobe Flash Player 或 Adobe Acrobat)是否拥有跨域处理数据的权限。

单击可了解更多信息...
Permissions-Policy允许和拒绝在文档或 iframe 中使用浏览器功能。

单击可了解更多信息...
Cross-Origin-Embedder-Policy配置将跨源资源嵌入到文档中。

单击可了解更多信息...
Cross-Origin-Opener-Policy确保顶级文档不与跨源文档共享浏览背景组。

单击可了解更多信息...
Cross-Origin-Resource-Policy请求浏览器阻止对给定资源的 no-cors 跨源/跨站点请求。

单击可了解更多信息...
X-XSS-Protection停用已弃用。当检测到页面遭受反射式跨站点脚本 (XSS) 攻击时,停止加载页面。

单击可了解更多信息...
Feature-Policy停用已弃用。替换为 Permissions-Policy 标头。

单击可了解更多信息...
Expect-CT停用已弃用。选择加入报告和/或执行证书透明度要求。

单击可了解更多信息...
Public-Key-Pins停用已弃用。允许 HTTPS 网站抵御攻击者使用错误颁发的或其他欺诈性证书进行假冒。

单击可了解更多信息...

安全违规行为 · 找到 13 个

Copy link

违反安全策略的请求或资源

违规类型信息
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://static.criteo.net/js/ld/publishertag.prebid.js' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Request header field amiksika is not allowed by Access-Control-Allow-Headers in preflight response.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to XMLHttpRequest at 'https://ads.servenobid.com/adreq?upapi=true' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to XMLHttpRequest at 'https://ads.servenobid.com/adreq' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to XMLHttpRequest at 'https://api.btloader.com/pv?tid=CgSdPsQC-WBvO5sJ8-9454057565&w=6245015796318208&o=5102648370397184&cv=2.1.67-1-g39aeacf&widget=false&r=false&vr=800x600&pageURL=https%3A%2F%2Fwww.onlinegdb.com%2FcgpeHFiQx&sid=VE2CmVJ4-eXydr9NXeX-9454057565&pm=true&upapi=true' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://api.btloader.com/country?o=5102648370397184' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://api.btmessage.com/websiteconfig?bt_env=prod&o=5102648370397184&w=onlinegdb.com&l=EN' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://api.btmessage.com/mw/state?bt_env=prod' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://api.btmessage.com/log?tid=CgSdPsQC-WBvO5sJ8-9454057565&cv=2.1.67-1-g39aeacf&sid=VE2CmVJ4-eXydr9NXeX-9454057565&upapi=true' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to fetch at 'https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Request header field amiksika is not allowed by Access-Control-Allow-Headers in preflight response.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to font at 'https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Request header field amiksika is not allowed by Access-Control-Allow-Headers in preflight response.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.onlinegdb.com&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
https://www.onlinegdb.com/cgpeHFiQx
描述
Access to XMLHttpRequest at 'https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onlinegdb.com%2FcgpeHFiQx&pr=https%3A%2F%2Fgithub.com%2F&pid=qamw9lEifCDLQ&cb=0&ws=800x600&v=24.1212.711&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1573224210072-0_123456%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22987729508%2FOnlineGDB_S2S_Leaderboard_BTF%22%7D%5D&schain=1.0%2C1%21buysellads.com%2C2703%2C1%2C%2C%2C%21google.com%2Cpub-9961814823930967%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D' from origin 'https://www.onlinegdb.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...
资源
blob:https://www.onlinegdb.com/24194dee-7fa2-47d3-8dcf-4233cfc28728
描述
Failed to set referrer policy: The value '' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
Cross-Origin Resource SharingControls which external origins are allowed load resources.

单击可了解更多信息...

证书 · 找到· 36 个

Copy link

SSL/TLS 证书使网站能够加密客户端和服务器之间的事务并提供服务器身份验证

主题颁发日期到期日期
onlinegdb.com2024年12月24日 15:34:552025年3月24日 16:33:15
cdnjs.cloudflare.com2024年11月26日 07:25:182025年2月24日 07:25:17
m.servedby-buysellads.com2024年10月14日 00:00:002025年11月12日 23:59:59
html-load.com2025年1月1日 19:04:162025年4月1日 20:04:10
cdn.carbonads.com2024年10月16日 00:00:002025年11月15日 23:59:59
*.cdn4.buysellads.net2024年11月18日 11:41:132025年2月16日 11:41:12
*.google-analytics.com2024年12月9日 08:36:182025年3月3日 08:36:17
www.clarity.ms2024年9月4日 00:00:002025年9月4日 23:59:59
*.carbonads.net2024年11月18日 11:39:112025年2月16日 11:39:10
a.clarity.ms2024年6月23日 10:17:342025年6月18日 10:17:34