Security report of tsyndicate.com (Updated January, 2025)

Exclusive overview of your website security scan for tsyndicate.com. The scan, conducted on 2025-01-07, focusing on HTTP Header Analysis. Our precise investigation detected 17 issues and pinpointed unusual activities.

HTTP Security Report Summary

Passes tests: 0
Failed tests: 17
Total performed tests: 17

HTTP Security Headers

HSTS header: Failed Critical! Without CSP, your site is wide open to cross-site scripting (XSS) attacks, risking data theft and site defacement.

Check CSP header: Failed Critical! Without CSP, malicious scripts could be executed on your site, leading to data breaches and other serious security issues.

X-Frame-Options: Failed Warning! Failing to implement this header exposes users to potential clickjacking attacks.

X-XSS-Protection: Failed Warning! Without this header, your website may be more vulnerable to XSS attacks.

X-Content-Type-Options: Failed Warning! Not having this header could allow attackers to exploit MIME type vulnerabilities.

Referrer-Policy: Failed Warning! Without setting this header, sensitive information may be leaked through referrer URLs.

Permissions-Policy: Failed Warning! Lack of this header means less control over potentially security-sensitive browser features.

HTTP Public Key Pinning (HPKP): Failed Critical! Without HPKP, your users may be exposed to fraudulent certificates, compromising secure connections.

Cross-Origin Resource Sharing (CORS): Failed Warning! Without proper CORS settings, unauthorized domains may access resources, potentially exposing sensitive data.

Cross-Origin-Embedder-Policy: Failed Warning! Without this header, your site's content might be embedded into malicious sites.

Cross-Origin-Opener: Failed Warning! Lack of this header could allow attacks such as tab-nabbing.

Cross-Origin-Resource-Policy: Failed Warning! Without it, unauthorized sites might use your resources in potentially harmful ways.

Feature-Policy: Failed Warning! Failing to set this header leaves your users more exposed to certain types of attacks.

Expect-CT: Failed Warning! Without this header, connections might not adhere to Certificate Transparency requirements.

Timing-Allow-Origin: Failed Warning! Without this, attackers might gather sensitive timing information.

Server signature: Failed Warning! Exposing the server signature might provide attackers with valuable information to exploit known vulnerabilities.

X-recruiting-header: Info This header is not found, and its absence has no impact on security.

Raw Headers

SSL/TLS Analysis

SSL/TLS Certificate Expiration: Passed Sun, 02 Mar 2025 08:38:21 +0000

SSL/TLS Certificate Issuer: Passed Let's Encrypt

SSL/TLS Protocol Support: Failed

Insecure TLS1.0 supported

Insecure TLS1.1 supported

OK TLS1.2 supported

OK TLS1.3 supported

Insecure SSLv2 supported

Insecure SSLv3 supported

SSL/TLS Cipher Suite: Passed

OK - ECDHE-RSA-AES128-GCM-SHA256

OK - ECDHE-RSA-AES256-GCM-SHA384

OK - DHE-RSA-AES256-GCM-SHA384

OK - DHE-RSA-AES128-GCM-SHA256

OK - ECDHE-ECDSA-AES256-GCM-SHA384

OK - ECDHE-ECDSA-AES128-GCM-SHA256

Domain Security Report for tsyndicate.com

Navigating tsyndicate.com's Security Terrain

Scan another website:

SSL/TLS Analysis