<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Scan results for vpnsoft24.com</title>
<link rel="icon" type="image/png" href="/images/favicon.ico" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="These are the scan results for vpnsoft24.com which scored the grade R." />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="keywords" content="security headers, http response headers, check headers, scan headers" />
<meta name="author" content="Scott Helme" />
<meta property="og:title" content="Scan results for vpnsoft24.com" />
<meta property="og:description" content="These are the scan results for vpnsoft24.com which scored the grade R." />
<meta property="og:url" content="https://securityheaders.com/?q=vpnsoft24.com" />
<meta property="og:image" content="https://securityheaders.com/images/R.png" />
<meta property="og:type" content="website" />
<meta property="twitter:card" content="summary" />
<meta property="twitter:title" content="Scan results for vpnsoft24.com" />
<meta property="twitter:description" content="These are the scan results for vpnsoft24.com which scored the grade R." />
<meta property="twitter:site" content="@securityheaders" />
<meta property="twitter:creator" content="@scott_helme" />
<meta property="twitter:img" content="https://securityheaders.com/images/R.png" />
<script src="/js/jquery/3.6.4/jquery.min.js"></script>
<script src="/js/skel/2.2.1/skel.min.js"></script>
<script src="/js/skel-layers/2.0.1/skel-layers.min.js"></script>
<script src="/js/jquery.dropotron.min.js"></script>
<script src="/js/init.min.js?v=1"></script>
<noscript>
<link rel="stylesheet" href="/css/skel/2.2.1/skel.min.css">
</noscript>
<!--[if lte IE 8]><link rel="stylesheet" href="/css/ie/v8.min.css" /><![endif]-->
<link rel="stylesheet" href="/css/style.min.css?v=1.0.19" />
<link rel="stylesheet" media="screen and (min-width: 737px)" href="/css/style-desktop.min.css?v=1.0.17" />
<link rel="stylesheet" media="screen and (min-width: 737px) and (max-width: 1200px)" href="/css/style-1000px.min.css?v=1.0.16" />
<link rel="stylesheet" media="screen and (max-width: 736px)" href="/css/style-mobile.min.css?v=1.0.18" />
<meta name="flattr:id" content="4jvyrv"> </head>
<body class="homepage" id="top">
<div id="header" class="grey">
<div class="container">
<div id="logo">
<h1><a href="/">Security Headers</a></h1>
<h3>Powered by <a href="https://prbly.us/42Dcvpp" target="_blank" rel="noreferrer noopener"><img class="sponsor-image" src="/images/probely_logo_white.png" alt="The logo of our sponsor, Probely."></a></h3>
</div>
<nav id="nav">
<ul>
<li><a href="/">Home</a></li>
<li>
<span>About</span>
<ul>
<li><a href="/about/">Who, Why & How</a></li>
<li><a href="/faq/">FAQ</a></li>
</ul>
</li>
<li>
<span>API</span>
<ul>
<li><a href="/api/">API Keys</a></li>
<li><a href="/api/terms/">Terms</a></li>
<li><a href="/api/docs/">Docs</a></li>
</ul>
</li>
</ul>
</nav> <div id="banner">
<header>
<h2 id="scan-your-site-now">Scan your site now</h2><br/>
<form method="get" action="https://securityheaders.com/" name="scan" id="scanForm">
<div>
<div>
<input type="url" name="q" id="q" placeholder="enter address here" autocorrect="off" autocapitalize="off" spellcheck="false" aria-labelledby="scan-your-site-now" value="vpnsoft24.com">
<input class="button big alt" value="Scan" type="submit" id="scan">
</div>
<div>
<input class="checkbox" type="checkbox" name="hide" id="hide"><label for="hide"> Hide results</label>
<input class="checkbox" type="checkbox" name="followRedirects" id="followRedirects">
<label for="followRedirects"> Follow redirects</label>
</div>
</div>
</form>
</header>
</div>
</div>
</div>
<div id="main">
<div class="container">
<div class="row">
<div class="12u">
<div class="reportSection push-top">
<div class="reportTitle">Security Report Summary</div>
<div class="reportBody">
<div class="row">
<div class="2u">
<div class="score">
<div class="score_grey"><span>R</span></div>
</div>
</div>
<div class="10u push-left">
<table class="reportTable">
<col class="col1">
<col class="col2">
<tbody>
<tr class="tableRow">
<th class="tableLabel">Redirect:</th>
<td class="tableCell"><a href="https://securityheaders.com/?q=https%3A%2F%2Fvpnsoft24.com%2F " rel="nofollow noreferrer noopener">Click here</a> to follow the redirect to https://vpnsoft24.com/.</td>
</tr>
<tr class="tableRow">
<th class="tableLabel">Site:</th>
<td class="tableCell">
<a href="http://vpnsoft24.com/" target="_blank" rel="nofollow noreferrer noopener">
http://vpnsoft24.com/</a>
- <a href="https://securityheaders.com/?q=https%3A%2F%2Fvpnsoft24.com%2F">(Scan again over https)</a>
</td>
</tr>
<tr class="tableRow">
<th class="tableLabel">IP Address:</th>
<td class="tableCell">
92.53.65.2 </td>
</tr>
<tr class="tableRow">
<th class="tableLabel">Report Time:</th>
<td class="tableCell">
20 May 2024 07:39:31 UTC
</td>
</tr>
<tr class="tableRow">
<th class="tableLabel">Headers:</th>
<td class="tableCell">
<ul class="pillList">
<li class="headerItem pill pill-red"><i class="fa fa-times"></i>Content-Security-Policy</li> <li class="headerItem pill pill-red"><i class="fa fa-times"></i>X-Frame-Options</li> <li class="headerItem pill pill-red"><i class="fa fa-times"></i>X-Content-Type-Options</li> <li class="headerItem pill pill-red"><i class="fa fa-times"></i>Referrer-Policy</li> <li class="headerItem pill pill-red"><i class="fa fa-times"></i>Permissions-Policy</li> </ul>
</td>
</tr>
<tr class="tableRow">
<th class="tableLabel">Warning:</th>
<td class="tableCell">
Grade capped at A, please see warnings below. </td>
</tr>
<tr class="tableRow"><th class="tableLabel">Advanced:</th>
<td class="tableCell">
<table><tr><td id="demo-button" width="80%">Perform a deeper security analysis of your website and APIs: </td><td id="demo-button" width="20%"><a href="https://prbly.us/42Dcvpp" target="_blank"><input class="button" value="Start Now" type="submit"></a></td></tr></table> </td></tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="reportSection">
<div class="reportTitle">Missing Headers</div>
<div class="reportBody">
<table class="reportTable">
<colgroup><col class="col1"><col class="col2"></colgroup>
<tbody>
<tr class="tableRow"><th class="tableLabel table_red">Content-Security-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/content-security-policy-an-introduction/" target="_blank">Content Security Policy</a> is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets.</td></tr><tr class="tableRow"><th class="tableLabel table_red">X-Frame-Options</th><td class="tableCell"><a href="https://scotthelme.co.uk/hardening-your-http-response-headers/#x-frame-options" target="_blank">X-Frame-Options</a> tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN". </td></tr><tr class="tableRow"><th class="tableLabel table_red">X-Content-Type-Options</th><td class="tableCell"><a href="https://scotthelme.co.uk/hardening-your-http-response-headers/#x-content-type-options" target="_blank">X-Content-Type-Options</a> stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".</td></tr><tr class="tableRow"><th class="tableLabel table_red">Referrer-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/a-new-security-header-referrer-policy/" target="_blank">Referrer Policy</a> is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites.</td></tr><tr class="tableRow"><th class="tableLabel table_red">Permissions-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/goodbye-feature-policy-and-hello-permissions-policy/" target="_blank">Permissions Policy</a> is a new header that allows a site to control which features and APIs can be used in the browser.</td></tr> </tbody>
</table>
</div>
</div>
<div class="reportSection">
<div class="reportTitle">Warnings</div>
<div class="reportBody">
<table class="reportTable">
<colgroup><col class="col1"><col class="col2"></colgroup>
<tbody>
<tr class="tableRow"><th class="tableLabel table_orange">Site is using HTTP</th><td class="tableCell">This site was served over HTTP and did not redirect to HTTPS.</td></tr> </tbody>
</table>
</div>
</div>
<div class="reportSection">
<div class="reportTitle">Raw Headers</div>
<div class="reportBody">
<table class="reportTable">
<colgroup>
<col class="col1">
<col class="col2">
</colgroup>
<tbody>
<tr class="tableRow"><th class="tableLabel table_#696E76">HTTP/1.1</th><td class="tableCell">301 Moved Permanently</td></tr><tr class="tableRow"><th class="tableLabel table_blue">Server</th><td class="tableCell">nginx</td></tr><tr class="tableRow"><th class="tableLabel table_#696E76">Date</th><td class="tableCell">Mon, 20 May 2024 07:39:35 GMT</td></tr><tr class="tableRow"><th class="tableLabel table_#696E76">Content-Type</th><td class="tableCell">text/html</td></tr><tr class="tableRow"><th class="tableLabel table_#696E76">Content-Length</th><td class="tableCell">162</td></tr><tr class="tableRow"><th class="tableLabel table_#696E76">Connection</th><td class="tableCell">keep-alive</td></tr><tr class="tableRow"><th class="tableLabel table_#696E76">Location</th><td class="tableCell">https://vpnsoft24.com/</td></tr> </tbody>
</table>
</div>
</div>
<div class="reportSection">
<div class="reportTitle">Upcoming Headers</div>
<div class="reportBody">
<table class="reportTable">
<colgroup><col class="col1"><col class="col2"></colgroup>
<tbody>
<tr class="tableRow"><th class="tableLabel table_blue">Cross-Origin-Embedder-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/coop-and-coep/" target="_blank">Cross-Origin Embedder Policy</a> allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP.</td></tr><tr class="tableRow"><th class="tableLabel table_blue">Cross-Origin-Opener-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/coop-and-coep/" target="_blank">Cross-Origin Opener Policy</a> allows a site to opt-in to Cross-Origin Isolation in the browser.</td></tr><tr class="tableRow"><th class="tableLabel table_blue">Cross-Origin-Resource-Policy</th><td class="tableCell"><a href="https://scotthelme.co.uk/coop-and-coep/" target="_blank">Cross-Origin Resource Policy</a> allows a resource owner to specify who can load the resource.</td></tr> </tbody>
</table>
</div>
</div>
<div class="reportSection">
<div class="reportTitle">Additional Information</div>
<div class="reportBody">
<table class="reportTable">
<colgroup><col class="col1"><col class="col2"></colgroup>
<tbody>
<tr class="tableRow"><th class="tableLabel table_blue">Server</th><td class="tableCell">This <a href="https://scotthelme.co.uk/hardening-your-http-response-headers/#server" target="_blank">Server</a> header seems to advertise the software being run on the server but you can remove or change this value.</td></tr> </tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="copyright">
<div class="container">
<div class="row">
<div class="4u">
<span>A <a href="https://probely.com" target="_blank">probely.com</a> project - <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en_GB" target="_blank">CC-BY-SA 4.0</a></span>
</div>
<div class="4u" id="sponsor-footer">
<span>Powered by <a href="https://prbly.us/3Oed4l7" target="_blank">Probely</a></span>
</div>
<div class="4u">
<ul class="social">
<li><a href="https://twitter.com/securityheaders" class="icon fa-twitter"><span>Twitter</span></a></li>
<li><a href="https://www.facebook.com/secheaders/" class="icon fa-facebook"><span>Facebook</span></a></li>
<li><a href="/cdn-cgi/l/email-protection#c2abaca4ad82b1a7a1b7b0abb6bbaaa7a3a6a7b0b1eca1adaf" class="icon fa-envelope"><span>Email</span></a></li>
</ul>
</div>
</div>
</div>
</div> <script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script src="js/scan.js" type="text/javascript"></script>
</body>
</html>