www.htmlyse.com - Home

Test DNS, SSL/TLS, HTTP and HTML

Test results for report-uri.com

Scanned on: Mon Aug 24 17:04:31 2020 GMT. Tested in 140 seconds

DNS Report

DNSSEC                 offered (OK)
Zone transfer (AXFR)   not allowed (OK)
CAA Record             offered (OK)
SPF Record             offered (OK)
DMARC Record           offered (OK)
MTA-STS                not offered
TLSRPT Record          not offered

Raw DNS Records

Name TTL Type Data
report-uri.com 3600 SOA carl.ns.cloudflare.com dns @ cloudflare.com 2034980425 10000 2400 604800 3600
report-uri.com 86400 NS carl.ns.cloudflare.com, IPv4: 172.64.33.106, IPv6: 2606:4700:58:0:0:0:adf5:3b6a
report-uri.com 86400 NS coco.ns.cloudflare.com, IPv4: 173.245.58.104, IPv6: 2803:f800:50:0:0:0:6ca2:c068
report-uri.com 300 A 104.17.183.88
report-uri.com 300 A 104.17.186.88
report-uri.com 300 A 104.17.184.88
report-uri.com 300 A 104.17.185.88
report-uri.com 300 A 104.17.182.88
report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b658
report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:ba58
report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b758
report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b858
report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b958
report-uri.com 3600 CAA 0 issue comodoca.com
report-uri.com 3600 CAA 0 issue digicert.com
report-uri.com 3600 CAA 0 issue letsencrypt.org
report-uri.com 3600 CAA 0 issuewild comodoca.com
report-uri.com 3600 CAA 0 issuewild digicert.com
report-uri.com 3600 CAA 0 issuewild letsencrypt.org
report-uri.com 300 MX 10 in1-smtp.messagingengine.com
report-uri.com 300 MX 20 in2-smtp.messagingengine.com
report-uri.com 300 TXT v=spf1 include:spf.messagingengine.com include:sendgrid.net ~all
report-uri.com 300 TXT google-site-verification=TlW7Q09G8VinBjSUlbeMgRkIyH2exbdi8n_6_yV5XYw
report-uri.com 300 TXT keybase-site-verification=fecR6oPwwAuXrQYLsKl0DuYx8PoA7HktPTzhy1t_Twg
report-uri.com 300 TXT brave-ledger-verification=0417931f3524fce9008852f4ca509b09fee5710f4cafad1a2c8fbc0ead1fca69
_dmarc.report-uri.com 300 TXT v=DMARC1; p=quarantine; rua= mailto : scotthelme-d @ dmarc.report-uri.com; ruf= mailto : scotthelme-d @ dmarc.report-uri.com; aspf=r; adkim=r
mta-sts.report-uri.com 300 A 104.17.182.88
mta-sts.report-uri.com 300 A 104.17.183.88
mta-sts.report-uri.com 300 A 104.17.186.88
mta-sts.report-uri.com 300 A 104.17.185.88
mta-sts.report-uri.com 300 A 104.17.184.88
mta-sts.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:ba58
mta-sts.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b758
mta-sts.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b658
mta-sts.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b958
mta-sts.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b858
www.report-uri.com 300 A 104.17.186.88
www.report-uri.com 300 A 104.17.182.88
www.report-uri.com 300 A 104.17.183.88
www.report-uri.com 300 A 104.17.184.88
www.report-uri.com 300 A 104.17.185.88
www.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:ba58
www.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b958
www.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b758
www.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b658
www.report-uri.com 300 AAAA 2606:4700:0:0:0:0:6811:b858

SSL/TLS Report

 Further IP addresses:   104.17.186.88 104.17.183.88 104.17.184.88
                         104.17.182.88 2606:4700::6811:b858
                         2606:4700::6811:b758 2606:4700::6811:ba58
                         2606:4700::6811:b658 2606:4700::6811:b958 
 A record via            supplied IP "104.17.185.88"
 rDNS (104.17.185.88):   --
 Service detected:       HTTP


 SSL/TLS protocols 
 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      not offered
 TLS 1.1    not offered
 TLS 1.2    offered (OK)
 TLS 1.3    offered (OK): final
 NPN/SPDY   h2, http/1.1 (advertised)
 ALPN/HTTP2 h2, http/1.1 (offered)

 SSL/TLS server implementation bugs 

 No bugs found.

 Cipher categories 

 NULL ciphers (no encryption)                  not offered (OK) -- NULL:eNULL
 Anonymous NULL Ciphers (no authentication)    not offered (OK) -- aNULL:ADH
 Export ciphers (w/o ADH+NULL)                 not offered (OK) -- EXPORT:!ADH:!NULL
 LOW: 64 Bit + DES encryption (w/o export)     not offered (OK) -- LOW:DES:!ADH:!EXP:!NULL
 Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    not offered (OK) -- MEDIUM:!aNULL:!AES:!CAMELLIA:!ARIA:!CHACHA20:!3DES
 Triple DES Ciphers (Medium)                   not offered (OK) -- 3DES:!aNULL:!ADH
 High encryption (AES+Camellia, no AEAD)       offered (OK) -- HIGH:!NULL:!aNULL:!DES:!3DES:!AESGCM:!CHACHA20:!AESGCM:!CamelliaGCM:!AESCCM8:!AESCCM
 Strong encryption (AEAD ciphers)              offered (OK) -- AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM


 Robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          TLS_AES_256_GCM_SHA384 
                              TLS_CHACHA20_POLY1305_SHA256 
                              ECDHE-ECDSA-CHACHA20-POLY1305-OLD 
                              ECDHE-RSA-CHACHA20-POLY1305-OLD 
                              ECDHE-RSA-AES256-GCM-SHA384 
                              ECDHE-ECDSA-AES256-GCM-SHA384 
                              ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA384 
                              ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES256-SHA 
                              ECDHE-ECDSA-CHACHA20-POLY1305 
                              ECDHE-RSA-CHACHA20-POLY1305 
                              TLS_AES_128_GCM_SHA256 
                              ECDHE-RSA-AES128-GCM-SHA256 
                              ECDHE-ECDSA-AES128-GCM-SHA256 
                              ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA256 
                              ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES128-SHA 
 Elliptic curves offered:     prime256v1 secp384r1 secp521r1 X25519 


 Server preferences 

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.3
 Negotiated cipher            TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
 Cipher order
    TLSv1.2:   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305 
               ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA 
               ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 
               ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384 
               ECDHE-RSA-CHACHA20-POLY1305-OLD ECDHE-RSA-CHACHA20-POLY1305 
               ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA 
               ECDHE-RSA-AES128-SHA256 AES128-GCM-SHA256 AES128-SHA 
               AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA 
               ECDHE-RSA-AES256-SHA384 AES256-GCM-SHA384 AES256-SHA 
               AES256-SHA256 
    TLSv1.3:   TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 
               TLS_AES_128_GCM_SHA256 


 Server defaults (Server Hello) 

 TLS extensions (standard)    "server name/#0" "renegotiation info/#65281"
                              "EC point formats/#11" "session ticket/#35"
                              "next protocol/#13172" "key share/#51"
                              "supported versions/#43"
                              "extended master secret/#23"
                              "application layer protocol negotiation/#16"
 Session Ticket RFC 5077 hint 64800 seconds, session tickets keys seems to be rotated < daily
 SSL Session ID support       yes
 Session Resumption           Tickets: yes, ID: yes
 TLS clock skew               +35 sec from localtime

  Server Certificate #1
   Signature Algorithm          SHA256 with RSA
   Server key size              RSA 2048 bits
   Server key usage             Digital Signature, Key Encipherment
   Server extended key usage    TLS Web Server Authentication, TLS Web Client Authentication
   Serial / Fingerprints        01360550A52BEEF9720E3209B29422E1 / SHA1 B922096519E35EA06C197DFB3E98F57EE5C5360E
                                SHA256 046C1428C600CC3D1957745FF99C43F626FAF59D722D86F3D1356B05A11050EC
   Common Name (CN)             sni.cloudflaressl.com (request w/o SNI didn't succeed)
   subjectAltName (SAN)         *.report-uri.com report-uri.com
                                sni.cloudflaressl.com 
   Issuer                       Cloudflare Inc RSA CA-2 (Cloudflare, Inc. from US)
   Trust (hostname)             Ok via SAN (SNI mandatory)
   Chain of trust               Ok   
   EV cert (experimental)       no 
   Certificate Validity (UTC)   355 >= 60 days (2020-08-15 00:00 --> 2021-08-15 12:00)
   # of certificates provided   2
   Certificate Revocation List  http://crl3.digicert.com/CloudflareIncRSACA-2.crl
                                http://crl4.digicert.com/CloudflareIncRSACA-2.crl
   OCSP URI                     http://ocsp.digicert.com
   OCSP stapling                not offered
   OCSP must staple extension   --
   DNS CAA RR (experimental)    available - please check for match with "Issuer" above
                                issue=comodoca.com, issue=digicert.com,
                                issue=letsencrypt.org, issuewild=comodoca.com,
                                issuewild=digicert.com,
                                issuewild=letsencrypt.org
   Certificate Transparency     yes (certificate extension)

  Server Certificate #2
   Signature Algorithm          ECDSA with SHA256
   Server key size              EC 256 bits
   Server key usage             Digital Signature
   Server extended key usage    TLS Web Server Authentication, TLS Web Client Authentication
   Serial / Fingerprints        0D67596F3F8FFCE70A7407B5B8B59D84 / SHA1 89964C1978BA7FB51DE7266FD3E5E66C28938F8D
                                SHA256 A9FC8A5173C738EF8A6A5753AC621687AA27A57EAADF5C08E0B4965BCCB068FF
   Common Name (CN)             sni.cloudflaressl.com (request w/o SNI didn't succeed, usual for EC certificates)
   subjectAltName (SAN)         *.report-uri.com sni.cloudflaressl.com
                                report-uri.com 
   Issuer                       Cloudflare Inc ECC CA-3 (Cloudflare, Inc. from US)
   Trust (hostname)             Ok via SAN (SNI mandatory)
   Chain of trust               Ok   
   EV cert (experimental)       no 
   Certificate Validity (UTC)   355 >= 60 days (2020-08-15 00:00 --> 2021-08-15 12:00)
   # of certificates provided   2
   Certificate Revocation List  http://crl3.digicert.com/CloudflareIncECCCA-3.crl
                                http://crl4.digicert.com/CloudflareIncECCCA-3.crl
   OCSP URI                     http://ocsp.digicert.com
   OCSP stapling                not offered
   OCSP must staple extension   --
   DNS CAA RR (experimental)    available - please check for match with "Issuer" above
                                issue=comodoca.com, issue=digicert.com,
                                issue=letsencrypt.org, issuewild=comodoca.com,
                                issuewild=digicert.com,
                                issuewild=letsencrypt.org
   Certificate Transparency     yes (certificate extension)


 HTTP header response @ "/" 

 HTTP Status Code             200 OK
 HTTP clock skew              +36 sec from localtime
 Strict Transport Security    730 days=63113904 s, includeSubDomains, preload
 Public Key Pinning           --
 Server banner                cloudflare
 Application banner           --
 Cookie(s)                    4 issued: 4/4 secure, 4/4 HttpOnly
 Security headers             X-Frame-Options DENY
                              X-XSS-Protection 1; mode=block;
                              report=https://scotthelme.report-uri.com/r/d/xss/enforce
                              X-Content-Type-Options nosniff
                              Content-Security-Policy default-src 'self'; script-src cdn.report-uri.com
                              api.stripe.com js.stripe.com
                              www.google-analytics.com www.gstatic.com
                              www.google.com; style-src 'self' 'unsafe-inline'
                              cdn.report-uri.com; img-src 'self' data:
                              cdn.report-uri.com www.google-analytics.com;
                              font-src 'self' cdn.report-uri.com; connect-src
                              'self' api.stripe.com; frame-ancestors
                              *.cloudflareworkers.com *.cloudflare.com;
                              form-action 'self' hooks.stripe.com; frame-src
                              js.stripe.com www.google.com; child-src
                              js.stripe.com www.google.com;
                              upgrade-insecure-requests; report-uri
                              https://scotthelme.report-uri.com/r/d/csp/enforce; 
                              eport-to default
                              Content-Security-Policy-Report-Only default-src 'self'; script-src cdn.report-uri.com
                              api.stripe.com js.stripe.com
                              www.google-analytics.com www.gstatic.com
                              www.google.com
                              'nonce-MzA4MzY4MTk3Nyw4NTU1MDM5NTc='; style-src
                              'self' 'unsafe-inline' cdn.report-uri.com;
                              img-src 'self' data: cdn.report-uri.com
                              www.google-analytics.com; font-src 'self'
                              cdn.report-uri.com; connect-src 'self'
                              api.stripe.com; frame-ancestors
                              *.cloudflareworkers.com *.cloudflare.com;
                              form-action 'self' hooks.stripe.com; frame-src
                              js.stripe.com www.google.com; child-src
                              js.stripe.com www.google.com;
                              upgrade-insecure-requests; report-uri
                              https://scotthelme.report-uri.com/r/d/csp/enforce; 
                              eport-to default
                              Expect-CT max-age=3600,
                              report-uri="https://scotthelme.report-uri.com/r/d/ct/reportOnly"
                              Referrer-Policy strict-origin-when-cross-origin
 Reverse Proxy banner         --


 SSL/TLS vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
 ROBOT                                     not vulnerable (OK)
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    potentially NOT ok, uses br HTTP compression. - only supplied "/" tested
                                           Can be ignored for static pages or if no secrets in the page
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible, no protocol below TLS 1.2 offered (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=046C1428C600CC3D1957745FF99C43F626FAF59D722D86F3D1356B05A11050EC
                                           could help you to find out
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
 BEAST (CVE-2011-3389)                     no SSL3 or TLS1 (OK)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Tested 364 ciphers, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384                             
 x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256                       
 xcc14   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD  
 xcc13   ECDHE-RSA-CHACHA20-POLY1305-OLD   ECDH 256   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD    
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH 256   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384            
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc024   ECDHE-ECDSA-AES256-SHA384         ECDH 256   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384            
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 xc00a   ECDHE-ECDSA-AES256-SHA            ECDH 256   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA               
 xcca9   ECDHE-ECDSA-CHACHA20-POLY1305     ECDH 253   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256      
 xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 253   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256        
 x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384                    
 x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256                    
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA                       
 x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256                             
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH 256   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256            
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc023   ECDHE-ECDSA-AES128-SHA256         ECDH 256   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256            
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 xc009   ECDHE-ECDSA-AES128-SHA            ECDH 256   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA               
 x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256                    
 x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256                    
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA                       


 Ciphers per protocol, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
TLS 1.3  
 x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384                             
 x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256                       
 x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256                             
TLS 1.2  
 xcc14   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD  
 xcc13   ECDHE-RSA-CHACHA20-POLY1305-OLD   ECDH 256   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD    
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH 256   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384            
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc024   ECDHE-ECDSA-AES256-SHA384         ECDH 256   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384            
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 xc00a   ECDHE-ECDSA-AES256-SHA            ECDH 256   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA               
 xcca9   ECDHE-ECDSA-CHACHA20-POLY1305     ECDH 253   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256      
 xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 253   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256        
 x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384                    
 x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256                    
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA                       
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH 256   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256            
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc023   ECDHE-ECDSA-AES128-SHA256         ECDH 256   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256            
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 xc009   ECDHE-ECDSA-AES128-SHA            ECDH 256   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA               
 x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256                    
 x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256                    
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA                       
TLS 1.1  
TLS 1  
SSLv3  
SSLv2  

 Client simulations 

 Android 2.3.7                No connection
 Android 4.0.4                No connection
 Android 4.1.1                No connection
 Android 4.2.2                No connection
 Android 4.3                  No connection
 Android 4.4.2                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 Chrome 27 Win 7              No connection
 Chrome 28 Win 7              No connection
 Chrome 29 Win 7              No connection
 Chrome 30 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Chrome 31 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 32 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 33 Win 7              TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
 Chrome 34 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 35 Win 7              TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
 Chrome 36 Win 7              TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
 Chrome 37 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 39 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 40 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 42 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 43 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 45 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 47 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 48 OS X               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 49 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 49 XP SP3             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 50 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Chrome 51 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Chrome 57 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Chrome 65 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Chrome 69 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Chrome 70 Win 10             TLSv1.3 TLS_AES_128_GCM_SHA256, 253 bit ECDH (X25519)
 Firefox 10.0.12 ESR Win 7    No connection
 Firefox 17.0.7 ESR Win 7     No connection
 Firefox 21 Fedora 19         No connection
 Firefox 21 Win 7             No connection
 Firefox 22 Win 7             No connection
 Firefox 24.2.0 ESR Win 7     No connection
 Firefox 24 Win 7             No connection
 Firefox 26 Win 8             No connection
 Firefox 27 Win 8             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 29 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 30 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 31.3.0 ESR Win 7     TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 31 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 32 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 34 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 35 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 37 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 39 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 41 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 42 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 44 OS X              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 45 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 46 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 47 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 49 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 49 XP SP3            TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 53 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Firefox 59 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Firefox 62 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 IE 6 XP                      No connection
 IE 7 Vista                   No connection
 IE 8-10 Win 7                No connection
 IE 8 Win 7                   No connection
 IE 8 XP                      No connection
 IE 9 Win 7                   No connection
 IE 10 Win Phone 8.0          No connection
 IE 11 Win 7                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 11 Win 8.1                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1 Update   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 11 Win 10                 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 11 Win 10 Preview         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 12 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 15 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Opera 12.15 Win 7            No connection
 Opera 15 Win 7               No connection
 Opera 16 Win 7               No connection
 Opera 17 Win 7               TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 5.1.9 OS X 10.6.8     No connection
 Safari 5 iOS 5.1.1           TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 6.0.4 OS X 10.8.4     No connection
 Safari 6 iOS 6.0.1           TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 7 OS X 10.9           TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 8 iOS 8.0 Beta        TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 8 iOS 8.4             TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 8 OS X 10.10          TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 9 iOS 9               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 10 iOS 10             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             No connection
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Baidu Jan 2015               No connection
 BingBot Dec 2013             No connection
 BingPreview Dec 2013         No connection
 BingPreview Jun 2014         No connection
 BingPreview Jan 2015         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Googlebot Oct 2013           No connection
 Googlebot Jun 2014           No connection
 Googlebot Feb 2015           TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Googlebot Feb 2018           TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Yahoo Slurp Oct 2013         No connection
 Yahoo Slurp Jun 2014         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Yahoo Slurp Jan 2015         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 YandexBot 3.0                No connection
 YandexBot May 2014           No connection
 YandexBot Sep 2014           TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 YandexBot Jan 2015           TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 6u45                    No connection
 Java 7u25                    No connection
 Java 8b132                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 8u111                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 8u161                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 8u31                    TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 9.0.4                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 0.9.8y               No connection
 OpenSSL 1.0.1h               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)

Security HTTP Headers

HTTP Strict Transport Security (HSTS)   offered (OK)
Content Security Policy (CSP)           offered (OK)
X-Frame-Options                         offered (OK)
X-XSS-Protection                        offered (OK)
X-Content-Type-Options                  offered (OK)
Expect-CT                               offered (OK)
Referrer Policy                         offered (OK)
Feature Policy                          offered (OK)
Web Server Version Disclosure           not offered (OK)
Web Application Disclosure              not offered (OK)
HTTP Public Key Pins (HPKP)             not offered, deprecated

Connection Performance
Keep Alive Connection                   offered (OK)
Content Encoding (Compression)          offered (Brotli) OK, for static pages or if no secrets in the page

Raw HTTP Headers

HTTP/1.1 200 OK
Alt-Svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
CF-Cache-Status DYNAMIC
CF-Ray 5c7ea4bb8d310605-FRA
Cache-Control no-store, no-cache, must-revalidate
Cf-Request-Id 04c305493800000605f1a10200000001
Connection keep-alive
Content-Encoding br
Content-Security-Policy default-src 'self'; script-src cdn.report-uri.com api.stripe.com js.stripe.com www.google-analytics.com www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdn.report-uri.com; img-src 'self' data: cdn.report-uri.com www.google-analytics.com; font-src 'self' cdn.report-uri.com; connect-src 'self' api.stripe.com; frame-ancestors *.cloudflareworkers.com *.cloudflare.com; form-action 'self' hooks.stripe.com; frame-src js.stripe.com www.google.com; child-src js.stripe.com www.google.com; upgrade-insecure-requests; report-uri https://scotthelme.report-uri.com/r/d/csp/enforce; report-to default
Content-Security-Policy-Report-Only default-src 'self'; script-src cdn.report-uri.com api.stripe.com js.stripe.com www.google-analytics.com www.gstatic.com www.google.com 'nonce-MTg0MTU1Njc4NiwyMDk3OTc1NjMy'; style-src 'self' 'unsafe-inline' cdn.report-uri.com; img-src 'self' data: cdn.report-uri.com www.google-analytics.com; font-src 'self' cdn.report-uri.com; connect-src 'self' api.stripe.com; frame-ancestors *.cloudflareworkers.com *.cloudflare.com; form-action 'self' hooks.stripe.com; frame-src js.stripe.com www.google.com; child-src js.stripe.com www.google.com; upgrade-insecure-requests; report-uri https://scotthelme.report-uri.com/r/d/csp/enforce; report-to default
Content-Type text/html; charset=UTF-8
Date Mon, 24 Aug 2020 17:02:53 GMT
Expect-CT max-age=3600, report-uri="https://scotthelme.report-uri.com/r/d/ct/reportOnly"
Expires Thu, 19 Nov 1981 08:52:00 GMT
Feature-Policy camera 'none'; geolocation 'none'; microphone 'none'
NEL {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
Pragma no-cache
Referrer-Policy strict-origin-when-cross-origin
Report-To {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
Server cloudflare
Set-Cookie __cf_bm=1f97544670bf0c20dd7e84472813db6843b26e34-1598288573-1800-AfQYX2oZ6Ph1vsoXBZQhGrzJdIHuNS8/pL7ytMtv4o6XdLf/Z6nXLchmY27SiQj16ARxCC1b9u0WRIqaHME/0pI=; path=/; expires=Mon, 24-Aug-20 17:32:53 GMT; domain=.report-uri.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Cleaned HTML

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<link rel="dns-prefetch" href="https://cdn.report-uri.com/" />
<link rel="preconnect" href="https://cdn.report-uri.com/" crossorigin="" />
<title>Report URI: Welcome to report-uri.com</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<meta name="description" content="Report URI provides real-time security reporting for your site. We support Content Security Policy and many other modern browser security features." />
<meta property="og:site_name" content="Report URI" />
<meta property="og:title" content="Welcome to report-uri.com" />
<meta property="og:description" content="Report URI provides real-time security reporting for your site. We support Content Security Policy and many other modern browser security features." />
<meta property="og:type" content="website" />
<meta property="og:image" content="https://cdn.report-uri.com/img/twitter-card-summary.png" />
<meta property="og:url" content="" />
<meta name="twitter:card" content="summary" />
<meta name="twitter:site" content="@reporturi" />
<meta name="flattr:id" content="4jvyrv" />
<link rel="shortcut icon" href="https://cdn.report-uri.com/img/favicon.ico" />
<link rel="stylesheet" href="https://cdn.report-uri.com/fonts/fonts.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/twitter-bootstrap/3.3.5/css/bootstrap.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/fontawesome-pro/5.10.0-11/css/all.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/animate.css/3.5.2/animate.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/fancybox/2.1.3/jquery.fancybox.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/ion-rangeslider/2.2.0/css/ion.rangeSlider.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link rel="stylesheet" href="https://cdn.report-uri.com/libs/ion-rangeslider/2.2.0/css/ion.rangeSlider.skinModern.min.css" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/components.min.css" rel="stylesheet" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/components-rounded.min.css" rel="stylesheet" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/slider.min.css?v=1.0.1" rel="stylesheet" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/style.min.css?v=1.0.4" rel="stylesheet" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/style-responsive.min.css?v=1.0.1" rel="stylesheet" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<link href="https://cdn.report-uri.com/css/red.min.css" rel="stylesheet" id="style-color" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy" />
<script id="cdnPath" type="text/json">
<![CDATA[
"https:\/\/cdn.report-uri.com\/"
]]>
</script>
<style type="text/css">
/*<![CDATA[*/
img.c4 {max-width: 100px}
div.c3 {text-align: center}
div.c2 {margin-top: 60px;}
a.c1 {font-style: italic}
/*]]>*/
</style>
</head>
<body class="menu-always-on-top one-page-nav">
<div class="header header-mobi-ext container row">
<div class="col-md-2 col-sm-2"><a class="scroll site-logo" href="/"><img src="https://cdn.report-uri.com/img/logo.svg" alt="report-uri.com logo" width="152" height="27" /></a></div>
<a href="javascript:void(0);" class="mobi-toggler fas fa-bars c1"></a>
<div class="col-md-10 pull-right">
<ul class="header-navigation">
<li class="current"><a href="/">Home</a></li>
<li class="dropdown pointer"><span class="">Products</span>
<ul class="dropdown-content">
<li class="dropdown-item"><a href="/products/content_security_policy">Content Security Policy</a></li>
<li class="dropdown-item"><a href="/products/dmarc_monitoring">DMARC Monitoring</a></li>
<li class="dropdown-item"><a href="/products/network_error_logging">Network Error Logging</a></li>
<li class="dropdown-item"><a href="/products/deprecation_reports">Deprecation Reports</a></li>
<li class="dropdown-item"><a href="/products/intervention_reports">Intervention Reports</a></li>
<li class="dropdown-item"><a href="/products/crash_reports">Crash Reports</a></li>
<li class="dropdown-item"><a href="/products/certificate_transparency_monitoring">Certificate Transparency</a></li>
<li class="dropdown-item"><a href="/products/expect_ct_reports">Expect-CT</a></li>
<li class="dropdown-item"><a href="/products/ocsp_expect_staple">OCSP Expect-Staple</a></li>
</ul>
</li>
<li class="dropdown pointer"><span class="">Solutions</span>
<ul class="dropdown-content">
<li class="dropdown-item"><a href="/solutions/cross_site_scripting">Cross-Site Scripting</a></li>
<li class="dropdown-item"><a href="/solutions/mixed_content_detection">Mixed-Content Detection</a></li>
<li class="dropdown-item"><a href="/solutions/clickjacking_protection">Clickjacking Protection</a></li>
<li class="dropdown-item"><a href="/solutions/magecart_protection">Magecart Protection</a></li>
<li class="dropdown-item"><a href="/solutions/fraudulent_emails">Spam Fighting</a></li>
<li class="dropdown-item"><a href="/solutions/email_deliverability">Email Deliverability</a></li>
</ul>
</li>
<li><a href="#prices">Pricing</a></li>
<li><a href="#contact">Contact</a></li>
<li><a href="/home/tools" class="site-link">Tools</a></li>
<li><a href="/login" class="site-link">Login</a></li>
<li><a href="/register" class="site-link">Register</a></li>
<li><a href="/home/about" class="site-link">About</a></li>
</ul>
</div>
</div>
<div class="promo-block" id="top">
<div id="carousel-example-generic" class="carousel slide carousel-slider carousel-inner item carousel-item-one active center-block center-block-wrap center-block-body c2" role="listbox">
<h2 id="headline-text" class="margin-bottom-20 animate-delay carousel-title-v1" data-animation="animated fadeInDown"><span class="color-grey">Real-Time</span> <span class="headline-text"><span class="color-red">Security</span> <span class="color-grey">Reporting</span></span> <span class="headline-text display-none"><span class="color-red">Error</span> <span class="color-grey">Tracking</span></span> <span class="headline-text display-none"><span class="color-red">DNS</span> <span class="color-grey">Monitoring</span></span> <span class="headline-text display-none"><span class="color-red">Application</span> <span class="color-grey">Health</span></span></h2>
<div class="animated flipInX hidden-xs promo-like-text">
<h2 class="text-center">Know exactly what's happening with your site<br />
before your users can even pick up the phone</h2>
</div>
</div>
</div>
<div class="prices-block content content-center container">
<div class="row margin-bottom-40 front-steps-wrapper front-steps-count-3">
<div class="col-md-4 col-sm-4 front-step-col front-step front-step1">
<h2>Deploy</h2>
<p>add a single line of code/config to enable reporting</p>
</div>
<div class="col-md-4 col-sm-4 front-step-col front-step front-step2">
<h2>Collect</h2>
<p>reports sent automatically from all of your visitors</p>
</div>
<div class="col-md-4 col-sm-4 front-step-col front-step front-step3">
<h2>Respond</h2>
<p>issues can be quickly identified and resolved</p>
</div>
</div>
<div class="row"><a href="/register"><button class="btn btn-primary" type="submit">Get started for FREE!</button></a><br />
No credit card required</div>
</div>
<div class="services-block content content-center container" id="services">
<h2>Our <strong>services</strong></h2>
<h4>We help you to deploy and monitor a wide range of security features</h4>
<div class="row">
<div class="col-md-4 col-sm-4 col-xs-12 item"><i class="far fa-sync"></i>
<h3>Automatic Browser Reporting</h3>
<p>Enable your users’ browsers to automatically<br />
report security threats</p>
</div>
<div class="col-md-4 col-sm-4 col-xs-12 item"><i class="fas fa-search"></i>
<h3>Attack Detection</h3>
<p>Detect web application attacks from the moment they begin</p>
</div>
<div class="col-md-4 col-sm-4 col-xs-12 item"><i class="fas fa-chart-bar"></i>
<h3>Centralised Monitoring</h3>
<p>View your web application’s historic and ongoing threats in a single unified portal</p>
</div>
</div>
</div>
<div class="choose-us-block content text-center margin-bottom-40 container" id="benefits">
<h2>Why <strong>choose</strong> us</h2>
<h4>We are the best real-time monitoring platform for cutting edge web standards. Our experience, focus and exposure allow us to take the hassle out of collecting, processing and understanding reports, giving you just the information you need. Did you know your customers' browsers can automatically send you all sorts of useful information about the security profile of your site?</h4>
<div class="row">
<div class="col-md-6 col-sm-6 col-xs-12 text-left"><img src="https://cdn.report-uri.com/img/choose-us.png" alt="Why choose us" class="img-responsive" /></div>
<div class="col-md-6 col-sm-6 col-xs-12 text-left panel-group" id="accordion1">
<div class="panel panel-default">
<div class="panel-heading">
<h5 class="panel-title"><a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion1" href="#accordion1_1">HTTPS</a></h5>
</div>
<div id="accordion1_1" class="panel-collapse collapse in panel-body">
<p>Modern web standards enable the browser to tell you when you've misconfigured features such as HTTPS.</p>
<p>If you deploy HTTPS on your site but don't serve all content over HTTPS too, including content like images and stylesheets, the browser may present a warning to the user and even block the content from loading. Are your visitors getting warning messages you don't know about?</p>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">
<h5 class="panel-title"><a class="accordion-toggle collapsed" data-toggle="collapse" data-parent="#accordion1" href="#accordion1_2">Detect Attacks</a></h5>
</div>
<div id="accordion1_2" class="panel-collapse collapse panel-body">
<p>The browser can tell you when an attacker is attempting to exploit your customers and indeed they can even tell you when those attacks have been successful.</p>
<p>There are various different ways attacks like this can happen including Cross-Site Scripting (XSS) and more recently we've seen browser extensions turn rogue and attack their user. You can learn about these attacks in real-time and respond quickly.</p>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">
<h5 class="panel-title"><a class="accordion-toggle collapsed" data-toggle="collapse" data-parent="#accordion1" href="#accordion1_3">Compliance</a></h5>
</div>
<div id="accordion1_3" class="panel-collapse collapse panel-body">
<p>Is your website compliant and ready for the latest generation of web standards? The browser can tell you whether or not you meet these standards before they come into effect.</p>
<p>In 2018 a new web standard came into effect called Certificate Transparency, is your site compliant? You can ask your visitors' browser to analyse your site and check if it's compliant. If you aren't, the browser will submit a report detailing the problem.</p>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">
<h5 class="panel-title"><a class="accordion-toggle collapsed" data-toggle="collapse" data-parent="#accordion1" href="#accordion1_4">Monitoring</a></h5>
</div>
<div id="accordion1_4" class="panel-collapse collapse panel-body">
<p>There are existing web standards already supported by many sites today that provide us better security and performance. It's easy to monitor your ongoing usage of these standards.</p>
<p>One of the easiest ways to boost the performance of your site and protect the privacy of your customers is OCSP Stapling. With monitoring enabled you can ensure that you continue to properly deploy and support OCSP Stapling by obtaining live feedback from the browser.</p>
</div>
</div>
</div>
</div>
</div>
<div class="facts-block content content-center">
<h2>Some facts about us</h2>
<div class="container row">
<div class="col-md-4 col-sm-4 col-xs-8 item"><strong>21k+</strong> Sites Monitored</div>
<div class="col-md-4 col-sm-4 col-xs-8 item"><strong>397b+</strong> Reports Processed</div>
<div class="col-md-4 col-sm-4 col-xs-8 item"><strong>10+</strong> Alexa Top 1,000</div>
</div>
</div>
<div class="prices-block content content-center container" id="prices">
<h2 class="margin-bottom-50"><strong>Simple</strong> Pricing</h2>
<div class="row col-md-4 col-sm-6 col-xs-12 col-md-offset-4 col-sm-offset-3 pricing-item">
<div class="pricing-head">
<h3>Select your usage</h3>
</div>
<div class="pricing-content">
<div class="pi-price"><strong>$<em><span id="price-price-integer">0</span></em>.<span id="price-price-decimal">00</span></strong>
<p>Per Month*</p>
</div>
<script id="plans" type="text/json">
<![CDATA[
[{"id":"reports-10000","name":"10 000 reports","reports":10000,"price":{"price":{"integer":"0","decimal":"00"}},"support":false,"teams":false,"link":"\/register\/"},{"id":"reports-50000","name":"50 000 reports","reports":50000,"price":{"price":{"integer":"9","decimal":"99"}},"support":false,"teams":false,"link":"\/register\/subscription\/reports-50000\/"},{"id":"reports-100000","name":"100 000 reports","reports":100000,"price":{"price":{"integer":"14","decimal":"99"}},"support":false,"teams":false,"link":"\/register\/subscription\/reports-100000\/"},{"id":"reports-250000","name":"250 000 reports","reports":250000,"price":{"price":{"integer":"24","decimal":"99"}},"support":false,"teams":false,"link":"\/register\/subscription\/reports-250000\/"},{"id":"reports-500000","name":"500 000 reports","reports":500000,"price":{"price":{"integer":"49","decimal":"99"}},"support":false,"teams":true,"link":"\/register\/subscription\/reports-500000\/"},{"id":"reports-750000","name":"750 000 reports","reports":750000,"price":{"price":{"integer":"74","decimal":"99"}},"support":false,"teams":true,"link":"\/register\/subscription\/reports-750000\/"},{"id":"reports-1000000","name":"1 000 000 reports","reports":1000000,"price":{"price":{"integer":"99","decimal":"99"}},"support":true,"teams":true,"link":"\/register\/subscription\/reports-1000000\/"},{"id":"reports-2500000","name":"2 500 000 reports","reports":2500000,"price":{"price":{"integer":"149","decimal":"99"}},"support":true,"teams":true,"link":"\/register\/subscription\/reports-2500000\/"},{"id":"reports-5000000","name":"5 000 000 reports","reports":5000000,"price":{"price":{"integer":"249","decimal":"99"}},"support":true,"teams":true,"link":"\/register\/subscription\/reports-5000000\/"}]
]]>
</script>
<p><input type="text" id="report_slider" name="report_slider" value="" data-from="" /></p>
<ul class="list-unstyled" id="plan-features">
<li><i class="fas fa-check"></i> <span id="reports">10 000</span> reports per month <span class="plan-reports-extra reports-5000000 hidden">(<a href="/#enterprise-accounts">Need more?</a>)</span></li>
<li><span class="plan-reports-except reports-10000 hidden"><i class="fas fa-check"></i> Unlimited sites monitored</span> <span class="plan-reports-extra reports-10000"><i class="fas fa-check"></i> 3 sites monitored</span></li>
<li><i class="fas fa-check"></i> 90 day retention</li>
<li><i id="team-access" class="fas fa-times"></i> Team Access</li>
<li><i id="email-support" class="fas fa-times"></i> Email Support</li>
</ul>
</div>
<div class="pricing-footer">
<p><a class="btn btn-default" href="/register/" id="sign-up">Sign Up</a></p>
* may be subject to VAT</div>
</div>
</div>
<div class="choose-us-block content text-center margin-bottom-40 container" id="enterprise-accounts">
<h2 class="margin-bottom-50"><strong>Enterprise</strong> Accounts</h2>
<div class="row col-md-6 col-sm-6 col-xs-12 col-md-offset-3 col-sm-offset-3">
<h4>We can tailor a package to your exact requirements with custom usage, billing and SLA. You need an enterprise account if you're looking for any of the following features, just get in touch!<br />
<a href="mailto:enterprise@report-uri.com">enterprise@report-uri.com</a></h4>
</div>
<div class="row pricing-content">
<div class="col-md-3 col-md-offset-2 col-sm-6 col-xs-12">
<ul class="list-unstyled">
<li class="enterprise"><i class="fas fa-check"></i> Invoicing</li>
<li class="enterprise"><i class="fas fa-check"></i> Managed/Dedicated Instance</li>
</ul>
</div>
<div class="col-md-3 col-sm-6 col-xs-12">
<ul class="list-unstyled">
<li class="enterprise"><i class="fas fa-check"></i> Geographic Hosting/Processing</li>
<li class="enterprise"><i class="fas fa-check"></i> Custom or Unlimited Usage</li>
</ul>
</div>
<div class="col-md-3 col-sm-6 col-xs-12">
<ul class="list-unstyled">
<li class="enterprise"><i class="fas fa-check"></i> Support SLA</li>
<li class="enterprise"><i class="fas fa-check"></i> Custom Terms</li>
</ul>
</div>
</div>
</div>
<div class="prices-block content content-center container" id="prices">
<h2 class="margin-bottom-40">We're <strong>Trusted</strong> By</h2>
<div class="row carousel slide" data-ride="carousel" id="testimonials-block">
<div class="carousel-inner">
<div class="item active row">
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/monzo.png" alt="monzo" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/natwest.png" alt="natwest" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/square.png" alt="square" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/rbs.png" alt="rbs" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/izettle.png" alt="izettle" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/tesco-bank.png" alt="tesco-bank" class="img-customer" /></div>
</div>
<div class="item row">
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/abc-au.png" alt="abc au" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/gizmodo.png" alt="gizmodo" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/huffpost.png" alt="huffington post" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/superuser.png" alt="super user" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/the-irish-times.png" alt="the irish times" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/rollingstone.png" alt="rolling stone" class="img-customer" /></div>
</div>
<div class="item row">
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/qualys.png" alt="qualys" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/nhs-england.png" alt="nhs england" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/virgin.png" alt="virgin" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/cdnjs.png" alt="cdn js" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/coop-se.png" alt="coop se" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/99designs.png" alt="99 designs" class="img-customer" /></div>
</div>
<div class="item row">
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/dnb.png" alt="DNB" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/okta.png" alt="Okta" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/pmc.png" alt="PMC" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/nsw-gov.png" alt="NSW Gov" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/sky-betting.png" alt="Sky Betting" class="img-customer" /></div>
<div class="col-md-2 col-sm-3 col-xs-6 customer-frame"><span class="helper"></span><img src="https://cdn.report-uri.com/img/customers/la-redoute.png" alt="La Redoute" class="img-customer" /></div>
</div>
</div>
<br />
<br />
<br />
<ol class="carousel-indicators">
<li data-target="#testimonials-block" data-slide-to="0" class="active"></li>
<li data-target="#testimonials-block" data-slide-to="1" class=""></li>
<li data-target="#testimonials-block" data-slide-to="2" class=""></li>
<li data-target="#testimonials-block" data-slide-to="3" class=""></li>
</ol>
</div>
</div>
<div class="testimonials-block content content-center margin-bottom-65 container" id="award-winning">
<h2 class="margin-bottom-20"><strong>Award</strong> Winning Service</h2>
<div class="carousel slide carousel-inner item active" data-ride="carousel" id="testimonials-block">
<blockquote>
<p>Best Emerging Technology 2018</p>
<p>"This is a completely new source of information that sites can use to better protect themselves and their visitors"</p>
</blockquote>
<br />
<span class="testimonials-name">SC Awards Europe Judges</span><br />
<br />
<div class="c3"><img src="https://cdn.report-uri.com/img/sc-awards-2018.png" /></div>
</div>
</div>
<div class="pre-footer container row" id="contact">
<div class="col-md-4 col-sm-6 pre-footer-col">
<h2>About us</h2>
<p>Report URI was founded to take the pain out of monitoring security policies like CSP and other modern security features. When you can easily monitor what's happening on your site in real time you react faster and more efficiently, allowing you to rectify issues without your users ever having to tell you.</p>
<p>Our platform is constantly evolving to help you, our users, better protect your users.</p>
</div>
<div class="col-md-4 col-sm-6 pre-footer-col">
<h2>Information</h2>
<address><a href="https://docs.report-uri.com" target="_blank" rel="noopener" title="Opens in new tab">Docs</a><br />
<a href="/home/terms_of_service">Terms of Service</a><br />
<a href="/home/privacy_policy">Privacy Policy</a>
<p>Report-URI Ltd. is a private limited company registered in England and Wales (Company No: 10943557)</p>
<p>VAT Number GB277368458</p>
</address>
</div>
<div class="col-md-4 col-sm-6 pre-footer-col">
<h2>Our Contacts</h2>
<address>Email: <a href="mailto:info@report-uri.com">info@report-uri.com</a><br />
Twitter: <a href="https://twitter.com/reporturi" target="_blank" rel="noopener">@reporturi</a><br />
Facebook: <a href="https://www.facebook.com/reporturi" target="_blank" rel="noopener">@reporturi</a></address>
<img src="https://cdn.report-uri.com/img/ce-badge.png" alt="Cyber Essentials Certified" class="img-responsive c4" /> View our <a href="https://cdn.report-uri.com/pdf/Report%20URI%20-%20Cyber%20Essentials.pdf" target="_blank" rel="noopener">certification</a></div>
</div>
<div class="footer container row">
<div class="col-md-6 col-sm-6 copyright">2020 © Report-URI Ltd. - ALL Rights Reserved.</div>
<div class="col-md-6 col-sm-6 text-right">
<ul class="social-icons">
<li><a class="facebook" data-original-title="facebook" href="https://www.facebook.com/reporturi" target="_blank" rel="noopener"></a></li>
<li><a class="twitter" data-original-title="twitter" href="https://twitter.com/reporturi" target="_blank" rel="noopener"></a></li>
<li><a class="github" data-original-title="github" href="https://github.com/report-uri" target="_blank" rel="noopener"></a></li>
</ul>
</div>
</div>
<a href="#top" class="go2top scroll fas fa-arrow-up c1"></a>
<script src="https://cdn.report-uri.com/libs/jquery/3.4.1/jquery.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/jquery-migrate/3.1.0/jquery-migrate.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/jqueryui/1.12.1/jquery-ui.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/bootstrap-tabdrop.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://js.stripe.com/v3/" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/bootstrap-hover-dropdown/2.0.10/bootstrap-hover-dropdown.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/jQuery-slimScroll/1.3.3/jquery.slimscroll.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/jquery.blockUI/2.66.0-2013.10.09/jquery.blockUI.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/jquery-cookie/1.4.1/jquery.cookie.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/bootstrap-switch/3.3.2/js/bootstrap-switch.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/select2/3.5.2/select2.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/metronic.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/layout.min.js?v=1.0.1" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/layout-account.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/jquery.nav.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/setup.min.js?v=2" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/ga.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/noUiSlider/14.1.1/nouislider.min.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/libs/ion-rangeslider/2.2.0/js/ion.rangeSlider.js" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
<script src="https://cdn.report-uri.com/js/slider.min.js?v=1.0.4" nonce="MTg0MTU1Njc4NiwyMDk3OTc1NjMy"></script>
</body>
</html>

Warnings Errors and Accessibility


Accessibility Checks:

line 82 column 1 - Access: [6.1.1.3]: style sheets require testing (style attribute).
line 476 column 1 - Access: [6.1.1.3]: style sheets require testing (style attribute).
line 34 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 34 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 34 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 34 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 34 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 34 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 41 column 38 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 46 column 21 - Access: [13.1.1.1]: link text not meaningful.
line 72 column 5 - Access: [13.1.1.1]: link text not meaningful.
line 73 column 5 - Access: [13.1.1.1]: link text not meaningful.
line 75 column 5 - Access: [13.1.1.1]: link text not meaningful.
line 140 column 1 - Access: [3.5.1.1]: headers improperly nested.
line 163 column 1 - Access: [3.5.1.1]: headers improperly nested.
line 164 column 1 - Access: [3.5.3.1]: header used to format text.
line 167 column 1 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 167 column 100 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 174 column 1 - Access: [13.1.1.1]: link text not meaningful.
line 267 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 267 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 267 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 267 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 267 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 267 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 268 column 4 - Access: [2.1.1.5]: ensure information not conveyed through color alone (input).
line 301 column 1 - Access: [3.5.3.1]: header used to format text.
line 335 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 335 column 124 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 338 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 338 column 128 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 341 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 341 column 126 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 344 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 344 column 120 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 347 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 347 column 128 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 350 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 350 column 134 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 357 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 357 column 126 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 360 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 360 column 128 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 363 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 363 column 137 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 366 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 366 column 133 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 369 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 369 column 144 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 372 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 372 column 139 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 379 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 379 column 126 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 382 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 382 column 136 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 385 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 385 column 126 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 388 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 388 column 125 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 391 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 391 column 128 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 394 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 394 column 133 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 401 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 401 column 120 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 404 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 404 column 122 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 407 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 407 column 120 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 410 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 410 column 128 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 413 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 413 column 136 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 416 column 29 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 416 column 134 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 445 column 1 - Access: [11.2.1.3]: replace deprecated html <center>.
line 445 column 9 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 445 column 9 - Access: [1.1.1.1]: <img> missing 'alt' text.
line 445 column 9 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 462 column 1 - Access: [10.1.1.2]: new windows require warning (_blank).
line 462 column 1 - Access: [13.1.1.1]: link text not meaningful.
line 473 column 10 - Access: [10.1.1.2]: new windows require warning (_blank).
line 474 column 11 - Access: [10.1.1.2]: new windows require warning (_blank).
line 476 column 1 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 477 column 10 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 477 column 10 - Access: [10.1.1.2]: new windows require warning (_blank).
line 490 column 5 - Access: [10.1.1.2]: new windows require warning (_blank).
line 490 column 5 - Access: [13.1.1.2]: link text missing.
line 491 column 5 - Access: [10.1.1.2]: new windows require warning (_blank).
line 491 column 5 - Access: [13.1.1.2]: link text missing.
line 492 column 5 - Access: [10.1.1.2]: new windows require warning (_blank).
line 492 column 5 - Access: [13.1.1.2]: link text missing.
line 499 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 499 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 499 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 499 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 499 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 499 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 500 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 500 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 500 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 500 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 500 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 500 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 501 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 501 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 501 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 501 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 501 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 501 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 502 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 502 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 502 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 502 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 502 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 502 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 503 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 503 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 503 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 503 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 503 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 503 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 504 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 504 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 504 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 504 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 504 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 504 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 505 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 505 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 505 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 505 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 505 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 505 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 506 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 506 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 506 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 506 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 506 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 506 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 507 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 507 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 507 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 507 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 507 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 507 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 508 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 508 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 508 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 508 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 508 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 508 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 509 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 509 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 509 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 509 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 509 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 509 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 510 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 510 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 510 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 510 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 510 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 510 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 511 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 511 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 511 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 511 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 511 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 511 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 512 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 512 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 512 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 512 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 512 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 512 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 513 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 513 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 513 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 513 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 513 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 513 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 514 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 514 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 514 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 514 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 514 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 514 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 515 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 515 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 515 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 515 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 515 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 515 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 516 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 516 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 516 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 516 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 516 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 516 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 517 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 517 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 517 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 517 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 517 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 517 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 518 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 518 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 518 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 518 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 518 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 518 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 519 column 1 - Access: [6.2.2.2]: text equivalents require updating (script).
line 519 column 1 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 519 column 1 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 519 column 1 - Access: [7.1.1.1]: remove flicker (script).
line 519 column 1 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 519 column 1 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 326 column 1 - Warning: <div> anchor "prices" already defined
line 435 column 1 - Warning: <div> anchor "testimonials-block" already defined
line 477 column 10 - Warning: <a> escaping malformed URI reference
line 477 column 10 - Warning: <a> illegal characters found in URI
line 21 column 1 - Warning: <link> proprietary attribute "nonce"
line 22 column 1 - Warning: <link> proprietary attribute "nonce"
line 23 column 1 - Warning: <link> proprietary attribute "nonce"
line 24 column 1 - Warning: <link> proprietary attribute "nonce"
line 25 column 1 - Warning: <link> proprietary attribute "nonce"
line 26 column 1 - Warning: <link> proprietary attribute "nonce"
line 27 column 1 - Warning: <link> proprietary attribute "nonce"
line 28 column 1 - Warning: <link> proprietary attribute "nonce"
line 29 column 1 - Warning: <link> proprietary attribute "nonce"
line 30 column 1 - Warning: <link> proprietary attribute "nonce"
line 31 column 1 - Warning: <link> proprietary attribute "nonce"
line 32 column 1 - Warning: <link> proprietary attribute "nonce"
line 33 column 1 - Warning: <link> proprietary attribute "nonce"
line 499 column 1 - Warning: <script> proprietary attribute "nonce"
line 500 column 1 - Warning: <script> proprietary attribute "nonce"
line 501 column 1 - Warning: <script> proprietary attribute "nonce"
line 502 column 1 - Warning: <script> proprietary attribute "nonce"
line 503 column 1 - Warning: <script> proprietary attribute "nonce"
line 504 column 1 - Warning: <script> proprietary attribute "nonce"
line 505 column 1 - Warning: <script> proprietary attribute "nonce"
line 506 column 1 - Warning: <script> proprietary attribute "nonce"
line 507 column 1 - Warning: <script> proprietary attribute "nonce"
line 508 column 1 - Warning: <script> proprietary attribute "nonce"
line 509 column 1 - Warning: <script> proprietary attribute "nonce"
line 510 column 1 - Warning: <script> proprietary attribute "nonce"
line 511 column 1 - Warning: <script> proprietary attribute "nonce"
line 512 column 1 - Warning: <script> proprietary attribute "nonce"
line 513 column 1 - Warning: <script> proprietary attribute "nonce"
line 514 column 1 - Warning: <script> proprietary attribute "nonce"
line 515 column 1 - Warning: <script> proprietary attribute "nonce"
line 516 column 1 - Warning: <script> proprietary attribute "nonce"
line 517 column 1 - Warning: <script> proprietary attribute "nonce"
line 518 column 1 - Warning: <script> proprietary attribute "nonce"
line 519 column 1 - Warning: <script> proprietary attribute "nonce"
Info: Document content looks like HTML5
<HTMLYSE> found 38 warnings and 0 errors!