Test Details: Pentest
Total of 83 URLs
FAIL-NEW: 0 FAIL-INPROG: 0 WARN-NEW: 13 WARN-INPROG: 0 INFO: 0 IGNORE: 0 PASS: 53
PASS: In Page Banner Information Leak [10009]
PASS: Cookie No HttpOnly Flag [10010]
PASS: Cookie Without Secure Flag [10011]
PASS: Content-Type Header Missing [10019]
PASS: Information Disclosure - Debug Error Messages [10023]
PASS: Information Disclosure - Sensitive Information in HTTP Referrer Header [10025]
PASS: HTTP Parameter Override [10026]
PASS: Open Redirect [10028]
PASS: Cookie Poisoning [10029]
PASS: User Controllable Charset [10030]
PASS: User Controllable HTML Element Attribute (Potential XSS) [10031]
PASS: Viewstate [10032]
PASS: Directory Browsing [10033]
PASS: Heartbleed OpenSSL Vulnerability (Indicative) [10034]
PASS: HTTP Server Response Header [10036]
PASS: Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037]
PASS: X-Backend-Server Header Information Leak [10039]
PASS: Secure Pages Include Mixed Content [10040]
PASS: HTTP to HTTPS Insecure Transition in Form Post [10041]
PASS: HTTPS to HTTP Insecure Transition in Form Post [10042]
PASS: User Controllable JavaScript Event (XSS) [10043]
PASS: Big Redirect Detected (Potential Sensitive Information Leak) [10044]
PASS: Retrieved from Cache [10050]
PASS: X-ChromeLogger-Data (XCOLD) Header Information Leak [10052]
PASS: Cookie without SameSite Attribute [10054]
PASS: CSP [10055]
PASS: X-Debug-Token Information Leak [10056]
PASS: Username Hash Found [10057]
PASS: X-AspNet-Version Response Header [10061]
PASS: PII Disclosure [10062]
PASS: Timestamp Disclosure [10096]
PASS: Hash Disclosure [10097]
PASS: Cross-Domain Misconfiguration [10098]
PASS: Source Code Disclosure [10099]
PASS: Weak Authentication Method [10105]
PASS: Reverse Tabnabbing [10108]
PASS: Modern Web Application [10109]
PASS: Dangerous JS Functions [10110]
PASS: Authentication Request Identified [10111]
PASS: Session Management Response Identified [10112]
PASS: Verification Request Identified [10113]
PASS: Script Served From Malicious Domain (polyfill) [10115]
PASS: Absence of Anti-CSRF Tokens [10202]
PASS: Private IP Disclosure [2]
PASS: Session ID in URL Rewrite [3]
PASS: Script Passive Scan Rules [50001]
PASS: Stats Passive Scan Rule [50003]
PASS: Insecure JSF ViewState [90001]
PASS: Java Serialization Object [90002]
PASS: Charset Mismatch [90011]
PASS: Application Error Disclosure [90022]
PASS: WSDL File Detection [90030]
PASS: Loosely Scoped Cookie [90033]\
WARN-NEW: Vulnerable JS Library [10003] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/2.BAR5dNFu.js (200 OK)
WARN-NEW: Re-examine Cache-control Directives [10015] x 2
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/manifest.json (200 OK)
WARN-NEW: Cross-Domain JavaScript Source File Inclusion [10017] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
WARN-NEW: Missing Anti-clickjacking Header [10020] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
WARN-NEW: X-Content-Type-Options Header Missing [10021] x 12
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/0.Ba8oMxFw.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/AudioPlayer.d1C6RIRD.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/DownloadLink.wTm37iHI.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/Example.COmDoKuI.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/Example.DiaQHWGN.css (200 OK)
WARN-NEW: Information Disclosure - Sensitive Information in URL [10024] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/gradio_api/queue/data?session_hash=wxp62p6pqn (200 OK)
WARN-NEW: Information Disclosure - Suspicious Comments [10027] x 2
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/2.BAR5dNFu.js (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/client.C3jGtqKS.js (200 OK)
WARN-NEW: Strict-Transport-Security Header Not Set [10035] x 11
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/0.Ba8oMxFw.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/AudioPlayer.d1C6RIRD.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/DownloadLink.wTm37iHI.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/Example.DiaQHWGN.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/ImagePreview.sgQEmTRP.css (200 OK)
WARN-NEW: Content Security Policy (CSP) Header Not Set [10038] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
WARN-NEW: Non-Storable Content [10049] x 11
https://huggingface-projects-llama-2-13b-chat.hf.space/robots.txt (308 Permanent Redirect)
https://huggingface-projects-llama-2-13b-chat.hf.space/sitemap.xml (308 Permanent Redirect)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/AudioPlayer.d1C6RIRD.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/DownloadLink.wTm37iHI.css (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/assets/Example.DiaQHWGN.css (200 OK)
WARN-NEW: Permissions Policy Header Not Set [10063] x 9
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/2.BAR5dNFu.js (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/client.C3jGtqKS.js (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/preload-helper.DpQnamwV.js (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/_app/immutable/chunks/stores.CCoqbOJV.js (200 OK)
WARN-NEW: Sub Resource Integrity Attribute Missing [90003] x 1
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
WARN-NEW: Insufficient Site Isolation Against Spectre Vulnerability [90004] x 2
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)
https://huggingface-projects-llama-2-13b-chat.hf.space/ (200 OK)