https://www.bild.de/code/webtrekkwap,35166572.13-35439740.4-35166574.1-35439742.2.bild.js

Category: News

Keywords: auto bild geld mein nach news sich user hilfe jetzt sport bildde inhalt spiele digital politik premium bildplus lifestyle unterhaltung


Last fetched: 2018-03-20T23:51:27.203169+00:00

HTTP status: 5 Sub-resource URL


TLS/SSL configuration report

TLS score
A

See full SSL/TLS security report for www.bild.de

Security-related HTTP headers

  • Content-Security-Policy: upgrade-insecure-requests

    Content Security Policy is used by a web server to declare a list of trusted content types (images, scripts, media etc) and origins from which they can be safely loaded as intended by the website authors. The Content-Security-Policy-Report-Only header instruct the browser to enable CSP in enforcement mode.

    Read more...

  • Server: Apache

    Announces web server software and optionally version details.

    Read more...

  • Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: data: https:; style-src 'self' 'unsafe-inline' blob: data: https:; default-src 'self' https:; img-src https: blob: data: android-webview-video-poster:; frame-src blob: data: https:; worker-src blob: data: https:; child-src blob: data: https:; object-src 'self'; font-src 'self' https: blob: data: safari-extension://*; media-src 'self' blob: data: https:; connect-src wss: blob: data: https:; report-uri /csp_ep

    Content Security Policy is used by a web server to declare a list of trusted content types (images, scripts, media etc) and origins from which they can be safely loaded as intended by the website authors. The Content-Security-Policy-Report-Only header instruct the browser to enable CSP in "report-only" mode where no content blocking is enforced and would-be-blocked origins are reported allowing website authors to fine-tune the policy.

    Read more...

Content Security Policy

  • upgrade-insecure-requests
  • script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: data: https:; style-src 'self' 'unsafe-inline' blob: data: https:; default-src 'self' https:; img-src https: blob: data: android-webview-video-poster:; frame-src blob: data: https:; worker-src blob: data: https:; child-src blob: data: https:; object-src 'self'; font-src 'self' https: blob: data: safari-extension://*; media-src 'self' blob: data: https:; connect-src wss: blob: data: https:; report-uri /csp_ep

Publisher identifiers

The website uses the following advertisement publisher ids:

Fully automated RESTful API is now available. Subscribe for your free trial today!