cookiemonster / rijkslounge.nl

Alternative to Rijksconnect

Referrer-Policy existence #44

Open cookiemonster opened 3 years ago

cookiemonster commented 3 years ago

Verdict: Your web server does not offer Referrer-Policy.

Technical details:

Web server IP address: 185.199.109.153
Referrer-Policy value: None

Test explanation: We check if your web server provides an HTTP header for Referrer-Policy. With this HTTP header you let browsers know which referrer information, that is sent in the Referer header, should be part of the website request. The Referer header contains the address of the previous web page from which the visitor followed a link to the requested page.

The information in the Referer header is mostly used for analytics and logging. However, there can be privacy and security risks. The information could be used e.g. for user tracking and the information could leak to third parties who eavesdrop on the connection. With the HTTP header for Referrer-Policy you can mitigate these risks.

Currently, we do not evaluate the effectiveness of the configured Referrer-Policy value. However, we suggest making an informed decision, with privacy and security risks in mind, on using one of the policy values from the first two categories below.

Recommended policy values:

No sensitive data to third parties
- no-referrer
- same-origin

Sensitive data to third parties only via secure connections (HTTPS)
- strict-origin
- strict-origin-when-cross-origin

Not recommended policy values:

Sensitive data to third parties possibly via insecure connections (HTTP)
- no-referrer-when-downgrade (browsers' default policy)
- origin-when-cross-origin
- origin
- unsafe-url

Requirement level: Recommended