The security scan report for "eaaf.org" is rated 「T」
Summary
Description:
We evaluate the overall security posture of your website and assign a report rating of 「T」. Our detailed security scan report identifies key vulnerabilities in your website, including "Absence of Anti-CSRF Tokens", "Content Security Policy (CSP) Header Not Set", "Missing Anti-clickjacking Header", "Cookie No HttpOnly Flag", "Cookie Without Secure Flag", "Cookie without SameSite Attribute", "Cross-Domain JavaScript Source File Inclusion", "Secure Pages Include Mixed Content", "Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)", "Timestamp Disclosure - Unix", "X-Content-Type-Options Header Missing", "Strict-Transport-Security Header Not Set", "Information Disclosure - Suspicious Comments", "Modern Web Application", "Re-examine Cache-control Directives", "Session Management Response Identified". These weaknesses could compromise the security of your website and expose it to serious threats.
We strongly recommend that you take immediate action to address these identified risks. Our report includes detailed recommendations for each issue, guiding you on the steps you can take to strengthen your website's defenses and mitigate the risks. By promptly addressing these security concerns, you can ensure that your website remains stable, secure, and trustworthy for your visitors.
URL:
https://www.eaaf.org
Report time:
2024/10/17 12:43:14
Grade:
T
Number of alerts:
67
Alerts
Low
Cookie No HttpOnly Flag
Cookie Without Secure Flag
Cookie without SameSite Attribute
Cross-Domain JavaScript Source File Inclusion
Secure Pages Include Mixed Content
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
Timestamp Disclosure - Unix
X-Content-Type-Options Header Missing
Strict-Transport-Security Header Not Set