https://www.google.com/maps/embed?pb=%211m18%211m12%211m3%211d2561.0636974490676%212d19.953105716000376%213d50.06636872284548%212m3%211f0%212f0%213f0%213m2%211i1024%212i768%214f13.1%213m3%211m2%211s0x47165b185f36d53b%3A0x96d15ce836ab9dd3%212sTopolowa+31%2C+31-506+Krak%C3%B3w%2C+Polska%215e0%213m2%211spl%212sua%214v1592586226867%215m2%211spl%212sua

Category: Search Engine Clean Browsing

Keywords: data play learn share store using google policy search account collect content example privacy service started personal services including information


Last fetched: 2020-06-29T22:29:17.758803+00:00

HTTP status: 5 Sub-resource URL


TLS/SSL configuration report

TLS score
F
Grade capped at F
Certificate path cannot be verified to a known root certificate

See full SSL/TLS security report for www.google.com

Security-related HTTP headers

  • Server: mafe

    Announces web server software and optionally version details.

    Read more...

  • X-XSS-Protection: 0

    Controls an Cross-Site Scripting (XSS) filters built into the majority of web browsers. The filter is usually turned on by default anyway, but requirement to set the header to 1 became part of canonical set of "secure" HTTP headers. Over time, vulnerabilities in the "sanitizing" mode filter were found, so 1; mode=block became the recommended value. Some companies decided that they don't really need a browser-side XSS filter to mess with their web services which are XSS-free anyway and they became consciously disabling the XSS filter by setting the header to 0.

    Read more...

Content Security Policy

  • object-src 'none';base-uri 'self';script-src 'nonce-p4sPwA6Pt4noNslPkYFARQ==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1

Want second opinion? Try Google CSP Evaluator.

Sub-resources

Parent pages

Parent pages loading this resource.
Fully automated RESTful API is now available. Subscribe for your free trial today!