All-in-one free web application security tool. Web application vulnerability and privacy scanner with support for HTTP cookies, Flash, HTML5 localStorage, sessionStorage, CANVAS, Supercookies, Evercookies. Includes a free SSL/TLS, HTML and HTTP vulnerability scanner and URL malware scanner.
Keywords: ncr city item rent sale sell condo email login metro estate manila mobile number posted search address minutes sponsored philippines
Last fetched: 2019-01-26T13:08:20.206724+00:00
HTTP status: 5 Sub-resource URL
Server: Apache/2.4.7 (Ubuntu)
Announces web server software and optionally version details.Read more...
The header exposes web server version details. These server no purpose apart from making life of security auditors and hackers easier, leading them straight to exploits for this particular version of product. WebCookies.org does offer security design and penetration testing services so we can help!-1
Transport Layer Security (TLS) is enabled+2
X-Frame-Options header is missing
X-XSS-Protection header is missing
X-Content-Type-Options header is missing
frame-ancestors 'self' app.optimizely.com *.optimizely.com *.optimizelyedit.com;
base-uri allows attackers to inject
base tags which override the base URI to an attacker-controlled origin. Set to
'none' unless you need to handle tricky relative URLs scheme
block-all-mixed-content directive if your website is only accessible over TLS and you are certain it doesn not have any legacy plaintext resources. Otherwise you may add adding
upgrade-insecure-requests directive if your website may still have some legacy plaintext HTTP resources and you want them to be still available rather than blocked
Want second opinion? Try Google CSP Evaluator.
The website uses the following advertisement publisher ids: