https://www.theaustralian.com.au/subscribe/news/1/index.html?sourceCode=TAWEB_WRE170_a&mode=premium&dest=https%3A%2F%2Fwww.theaustralian.com.au%2Fnews%2Fworld%2Fhistoric-castle-mont-saint-michel-transformed-by-tide-of-century%2Fnews-story%2Fa1549012182c061e8ca8eb64b77d5823%3Fnk%3D74a0c71e7edda82ffd61e4548dda7308-1526146088&memtype=anonymous

Category: News

Keywords: icon news tech check media accept chrome google safari select browser content cookies firefox opinion privacy enabling internet settings australian


Last fetched: 2018-05-12T17:28:57.731970+00:00

HTTP status: 5 Sub-resource URL


TLS/SSL configuration report

TLS score
A

See full SSL/TLS security report for www.theaustralian.com.au

Security-related HTTP headers

  • X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

    Legacy and deprecated variant of the Content-Security-Policy header used by WebKit browsers in the initial period.

    Read more...

  • Location: https://myaccount.news.com.au/sites/theaustralian/subscribe.html?sourceCode=TAWEB_WRE170_a&mode=premium&dest=https://www.theaustralian.com.au/news/world/historic-castle-mont-saint-michel-transformed-by-tide-of-century/news-story/a1549012182c061e8ca8eb64b77d5823?nk=74a0c71e7edda82ffd61e4548dda7308-1526146088&memtype=anonymous

    The HTTP Location header is being returned by a server to redirect the web browser to a new URL of the requested resource. The URL may be relative (/index.html) or absolute (https://example.com).

    Read more...

  • X-WebKit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

    Legacy and deprecated variant of the Content-Security-Policy header used by WebKit browsers in the initial period.

    Read more...

  • Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

    Content Security Policy is used by a web server to declare a list of trusted content types (images, scripts, media etc) and origins from which they can be safely loaded as intended by the website authors. The Content-Security-Policy-Report-Only header instruct the browser to enable CSP in enforcement mode.

    Read more...

  • Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips

    Announces web server software and optionally version details.

    Read more...

Content Security Policy

  • block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
  • block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
  • block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Fully automated RESTful API is now available. Subscribe for your free trial today!