Login

Security Headers Test

 HomeToolsSecurity Headers Test

205378

Total Scans

116194

High Risk Sites

88187

Medium Risk Sites

997

Low Risk Sites


Test For Security Headers & Get Instant Scan Report



Security Report Summary

Risk Level
Medium
Site https://doordash.com/
IP Address 104.18.35.30
Headers Information PERMISSIONS-POLICY CONTENT-SECURITY-POLICY X-XSS-PROTECTION X-PERMITTED-CROSS-DOMAIN-POLICIES STRICT-TRANSPORT-SECURITY X-FRAME-OPTIONS X-CONTENT-TYPE-OPTIONS REFERRER-POLICY
Date/Time April 23, 2025, 12:31 p.m.
Re-Scan

Missing Security Headers

PERMISSIONS-POLICY
Restricts feature access.
CONTENT-SECURITY-POLICY
Protects from XSS.
X-XSS-PROTECTION
Blocks XSS attacks.
X-PERMITTED-CROSS-DOMAIN-POLICIES
Manages cross-domain requests.

Available Security Headers

STRICT-TRANSPORT-SECURITY
Ensures HTTPS-only access.
X-FRAME-OPTIONS
Prevents clickjacking.
X-CONTENT-TYPE-OPTIONS
Prevents MIME-type sniffing.
REFERRER-POLICY
Controls Referer header.

Raw Headers

Date
Wed, 23 Apr 2025 07:01:01 GMT
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Referrer-Policy
same-origin
Cache-Control
max-age=15
Expires
Wed, 23 Apr 2025 07:01:16 GMT
Set-Cookie
__cf_bm=8JhEzb5MymXgLT595sED.PmigogXPifFVhxHwJT9_IA-1745391661-1.0.1.1-afzCk1bhdBWpWFfSCwFyBG_.jQJRTayAXB12u0IOqC3.vNHmt9NoxkJytU4MAsAPRrCW8HrNH8fFfEvhcW4en9e_Ou1GCWKW2fC0pfdO4Q8; path=/; expires=Wed, 23-Apr-25 07:31:01 GMT; domain=.doordash.com; HttpOnly; Secure; SameSite=None
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
934b7cba3b9d8587-BOM
alt-svc
h3=":443"; ma=86400

High Risk Sites

Medium Risk Sites

Low Risk Sites

Other Tools

Web Scanners

Wordpress Test

Run Test
Web Scanners

SSL Security Test

Run Test
Web Scanners

Website Security Test

Run Test
Web Scanners

Malicious URL Test

Run Test
Web Scanners

Reconnaissance

Run Test
Web Scanners

Malicious IP Test

Run Test