Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | Consider deploying cross-origin resource |
Description | `Cross-Origin-Resource-Policy: same-origin` is always safe. `Cross-Origin-Resource-Policy: cross-site` is always |
Keywords | N/A |
WebSite | resourcepolicy.fyi |
Host IP | 45.79.251.140 |
Location | - |
Site | Rank |
US$2,274,278
Last updated: 2023-05-11 12:47:24
resourcepolicy.fyi has Semrush global rank of 4,653,918. resourcepolicy.fyi has an estimated worth of US$ 2,274,278, based on its estimated Ads revenue. resourcepolicy.fyi receives approximately 262,417 unique visitors each day. Its web server is located in -, with IP address 45.79.251.140. According to SiteAdvisor, resourcepolicy.fyi is safe to visit. |
Purchase/Sale Value | US$2,274,278 |
Daily Ads Revenue | US$2,100 |
Monthly Ads Revenue | US$62,981 |
Yearly Ads Revenue | US$755,761 |
Daily Unique Visitors | 17,495 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
resourcepolicy.fyi. | A | 3600 | IP: 45.79.251.140 |
resourcepolicy.fyi. | AAAA | 3600 | IPV6: 2a01:7e01::f03c:92ff:fef9:738a |
resourcepolicy.fyi. | NS | 10800 | NS Record: ns-210-c.gandi.net. |
resourcepolicy.fyi. | NS | 10800 | NS Record: ns-163-b.gandi.net. |
resourcepolicy.fyi. | NS | 10800 | NS Record: ns-192-a.gandi.net. |
Consider deploying Cross-Origin Resource Policy The Cross-Origin-Resource-Policy ( CORP ) header allows you to control the set of origins that are empowered to include a resource. It is a robust defense against attacks like Spectre , as it allows browsers to block a given response before it enters an attacker’s process. The header has three values: same-origin , same-site , and cross-origin . Let’s look at each: § Limit usage with same-origin or same-site If a resource contains interesting information about a user, or is a response from an API that you don’t intend for others to use, then it’s quite likely that you would be well-served by asking the browser to ensure that it can’t leak into cross-origin contexts by adding the following response header to the relevant resources: Cross-Origin-Resource-Policy : same-origin Some applications can’t lock themselves to a single origin, as they rely on resources shared within a particular site. For example, consider mail.example.com and |
HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 04 Nov 2021 19:12:59 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://resourcepolicy.fyi/ HTTP/2 200 server: nginx date: Thu, 04 Nov 2021 19:13:00 GMT content-type: text/html content-length: 11576 last-modified: Mon, 05 Oct 2020 18:51:30 GMT etag: "5f7b6b32-2d38" cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' https://fonts.googleapis.com; font-src https://fonts.gstatic.com strict-transport-security: max-age=63072000; includeSubDomains; preload accept-ranges: bytes |
Domain Name: resourcepolicy.fyi Registry Domain ID: 8baa3d14829747468b056cbbf0cd77a3-DONUTS Registrar WHOIS Server: whois.gandi.net Registrar URL: https://www.gandi.net Updated Date: 2021-03-22T11:55:33Z Creation Date: 2020-04-16T10:59:44Z Registry Expiry Date: 2023-04-16T10:59:44Z Registrar: Gandi SAS Registrar IANA ID: 81 Registrar Abuse Contact Email: abuse@support.gandi.net Registrar Abuse Contact Phone: +33.170377661 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registrant Country: DE Name Server: ns-192-a.gandi.net Name Server: ns-210-c.gandi.net Name Server: ns-163-b.gandi.net DNSSEC: unsigned >>> Last update of WHOIS database: 2021-10-29T09:36:14Z <<< |