Total of 3 URLs PASS: Cookie No HttpOnly Flag [10010] PASS: Cookie Without Secure Flag [10011] PASS: Password Autocomplete in Browser [10012] PASS: Cross-Domain JavaScript Source File Inclusion [10017] PASS: Content-Type Header Missing [10019] PASS: Information Disclosure - Debug Error Messages [10023] PASS: Information Disclosure - Sensitive Informations in URL [10024] PASS: Information Disclosure - Sensitive Information in HTTP Referrer Header [10025] PASS: HTTP Parameter Override [10026] PASS: Information Disclosure - Suspicious Comments [10027] PASS: Viewstate Scanner [10032] PASS: Secure Pages Include Mixed Content [10040] PASS: Weak Authentication Method [10105] PASS: Absence of Anti-CSRF Tokens [10202] PASS: Private IP Disclosure [2] PASS: Session ID in URL Rewrite [3] PASS: Script Passive Scan Rules [50001] PASS: Insecure JSF ViewState [90001] PASS: Charset Mismatch [90011] PASS: Application Error Disclosure [90022] PASS: WSDL File Passive Scanner [90030] PASS: Loosely Scoped Cookie [90033] WARN: Incomplete or No Cache-control and Pragma HTTP Header Set [10015] x 1 https://www.pass.example.com/ WARN: Web Browser XSS Protection Not Enabled [10016] x 3 https://www.pass.example.com/ https://www.pass.example.com/robots.txt https://www.pass.example.com/sitemap.xml WARN: X-Frame-Options Header Not Set [10020] x 1 https://www.pass.example.com/ WARN: X-Content-Type-Options Header Missing [10021] x 1 https://www.pass.example.com/ FAIL: 0 WARN: 4 INFO: 0 IGNORE: 0 PASS: 22 LINK: https://www.example.com