This site uses cookies for analytics. By continuing to browse this site, you agree to this use.

scanning 100%

scan time: 03:01

hints

307

Date: 2020-09-16T22:38:06.499Z

webhint version: 6.1.0

Hints

Accessibility

axe/aria: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/color: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/forms: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/keyboard: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/language: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/name-role-value: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/other: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/parsing: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/semantics: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/sensory-and-visual-cues: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/structure: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/tables: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/text-alternatives: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/time-and-media: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

Compatibility

content-type: 40 hints

hint #1: 'content-type' header charset value should be 'utf-8'.

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

Content-Type: text/plain

hint #2: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com/iframe_api

Content-Type: application/javascript

hint #3: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook.net/en_US/sdk.js

Content-Type: application/x-javascript; charset=utf-8

hint #4: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/bonus.mp3

Content-Type: audio/mpeg

hint #5: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/wc-right.mp3

Content-Type: audio/mpeg

hint #6: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/wc-wrong.mp3

Content-Type: audio/mpeg

hint #7: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/wc-tap-char.mp3

Content-Type: audio/mpeg

hint #8: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/wc-use-bomb.mp3

Content-Type: audio/mpeg

hint #9: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom … wc-got-free-bomb.mp3

Content-Type: audio/mpeg

hint #10: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/fail.mp3

Content-Type: audio/mpeg

hint #11: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/mic_on.mp3

Content-Type: audio/mpeg

hint #12: 'content-type' header charset value should be 'utf-8'.

blob:https://www.langking … 4a14-bbda-359f0b3e83ac

Content-Type: application/javascript

hint #13: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/mic_off.mp3

Content-Type: audio/mpeg

hint #14: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/spend-koin.mp3

Content-Type: audio/mpeg

hint #15: 'content-type' header charset value should be 'utf-8'.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

Content-Type: text/javascript

hint #16: 'content-type' header media type value should be 'audio/mp3', not 'audio/mpeg'.

https://www.langkingdom.com/audio/wc-got-xp.mp3

Content-Type: audio/mpeg

hint #17: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook … fb31b085306&ua=modern_es6

Content-Type: application/x-javascript; charset=utf-8

hint #18: 'content-type' header charset value should be 'utf-8'.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

Content-Type: text/javascript

hint #19: 'content-type' header charset value should be 'utf-8'.

https://api.langkingdom.com/auth/token

Content-Type: application/json

hint #20: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/support-icon.svg

Content-Type: image/svg+xml

hint #21: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … img/send-mess-icon.svg

Content-Type: image/svg+xml

hint #22: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/call-us-icon.svg

Content-Type: image/svg+xml

hint #23: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/email-us-icon.svg

Content-Type: image/svg+xml

hint #24: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/logo.svg

Content-Type: image/svg+xml

hint #25: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/icon-appstore.svg

Content-Type: image/svg+xml

hint #26: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … landing-rating-icon.svg

Content-Type: image/svg+xml

hint #27: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … quick-response-orange.svg

Content-Type: image/svg+xml

hint #28: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … img/icon-playstore.svg

Content-Type: image/svg+xml

hint #29: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … landing-video-icon.svg

Content-Type: image/svg+xml

hint #30: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … icon-news-active.svg

Content-Type: image/svg+xml

hint #31: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/icon-word-cl.svg

Content-Type: image/svg+xml

hint #32: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … landing-playlist-icon.svg

Content-Type: image/svg+xml

hint #33: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom … landing-skills-icon.svg

Content-Type: image/svg+xml

hint #34: 'content-type' header charset value should be 'utf-8'.

https://www.langkingdom.com/img/search-icon.svg

Content-Type: image/svg+xml

hint #35: 'content-type' header charset value should be 'utf-8'.

https://api.langkingdom … get-subscription-plan

Content-Type: application/json

hint #36: 'content-type' header charset value should be 'utf-8'.

https://api.langkingdom.com/user/landing-page

Content-Type: application/json

hint #37: 'content-type' header media type value should be 'font/woff2', not 'application/font-woff2'.

https://www.langkingdom … webfont.woff2?v=4.7.0

Content-Type: application/font-woff2

hint #38: 'content-type' header media type value should be 'font/woff', not 'text/html'.

https://www.langkingdom … halflings-regular.woff

Content-Type: text/html; charset=utf-8

hint #39: 'content-type' header media type value should be 'font/ttf', not 'text/html'.

https://www.langkingdom … halflings-regular.ttf

Content-Type: text/html; charset=utf-8

hint #40: 'content-type' header media type value should be 'application/json', not 'text/html'.

https://www.langkingdom.com/manifest.json

Content-Type: text/html; charset=utf-8
highest-available-document-mode: 2 hints

hint #1: Response should not include unneeded 'x-ua-compatible' header.

https://www.langkingdom.com/en

Content-Type: IE=edge

hint #2: The 'x-ua-compatible' meta element should not be specified as it is not needed.

https://www.langkingdom.com/en

<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
meta-viewport: 3 hints

hint #1: The 'viewport' meta element 'content' attribute value should not contain 'user-scalable'.

https://www.langkingdom.com/en

<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">

hint #2: The 'viewport' meta element 'content' attribute value should not contain 'minimum-scale'.

https://www.langkingdom.com/en

<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">

hint #3: The 'viewport' meta element 'content' attribute value should not contain 'maximum-scale'.

https://www.langkingdom.com/en

<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">
no-p3p: 3 hints

hint #1: P3P should not be used as it is deprecated.

http://langkingdom.com/w3c/p3p.xml

hint #2: P3P should not be used as it is deprecated.

https://www.google.com … BAAEAAAAAAAC~&z=368669326

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"

hint #3: P3P should not be used as it is deprecated.

https://www.youtube.com/iframe_api

P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
stylesheet-limits: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

PWA

apple-touch-icons: 1 hints

hint #1: The 'apple-touch-icon' should be 180x180px.

https://www.langkingdom.com/en

<link rel="apple-touch-icon" href="img/logo-alone.png">
manifest-file-extension: 1 hints

hint #1: Web app manifest should have the filename extension 'webmanifest'.

https://www.langkingdom.com/en

<link rel="manifest" href="/manifest.json">
manifest-is-valid: 1 hints

Performance

http-cache: 72 hints

hint #1: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/

hint #2: Resource should use cache busting but URL does not match configured patterns.

https://www.google.com … vcRecaptchaApiLoaded

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #3: Static resources should use a 'cache-control' header with 'max-age=31536000' or more.

https://www.google.com … vcRecaptchaApiLoaded

Cache-Control: private, max-age=300

hint #4: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://www.google.com … vcRecaptchaApiLoaded

Cache-Control: private, max-age=300

hint #5: Resource should use cache busting but URL does not match configured patterns.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

<script async="" src="https://www.googletagmanager.com/gtm.js?id=GTM-P4FFGV4"></script>

hint #6: Static resources should use a 'cache-control' header with 'max-age=31536000' or more.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

Cache-Control: private, max-age=900

hint #7: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

Cache-Control: private, max-age=900

hint #8: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

Cache-Control: public, max-age=31536000

hint #9: A 'cache-control' header is missing or empty.

https://www.langkingdom … dba99705.firechat.js

hint #10: A 'cache-control' header contains directives which are not recommended: 'must-revalidate', 'no-store'

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

Cache-Control: no-cache, no-store, must-revalidate

hint #11: A 'cache-control' header contains directives which are not recommended: 'must-revalidate', 'no-store'

https://www.google.com … BAAEAAAAAAAC~&z=368669326

Cache-Control: no-cache, no-store, must-revalidate

hint #12: A 'cache-control' header is missing or empty.

https://www.langkingdom … opentip-jquery.min.js

hint #13: A 'cache-control' header is missing or empty.

https://www.langkingdom … howler/howler.custom.js

hint #14: A 'cache-control' header is missing or empty.

https://www.langkingdom … d2bcda8f.langkingdom.js

hint #15: A 'cache-control' header is missing or empty.

https://www.langkingdom … 45371c49.langkingdom.css

hint #16: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/js/015c29d6.libs.js

hint #17: Resource should use cache busting but URL does not match configured patterns.

https://www.youtube.com/iframe_api

<script src="https://www.youtube.com/iframe_api"></script>

hint #18: Static resources should use a 'cache-control' header with 'max-age=31536000' or more.

https://www.youtube.com/iframe_api

Cache-Control: no-cache

hint #19: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://www.youtube.com/iframe_api

Cache-Control: no-cache

hint #20: A 'cache-control' header contains directives with invalid values: 'stale-while-revalidate=3600'

https://connect.facebook.net/en_US/sdk.js

Cache-Control: public,max-age=1200,stale-while-revalidate=3600

hint #21: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/bonus.mp3

hint #22: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/wc-right.mp3

hint #23: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/wc-wrong.mp3

hint #24: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/wc-tap-char.mp3

hint #25: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/wc-use-bomb.mp3

hint #26: A 'cache-control' header is missing or empty.

https://www.langkingdom … wc-got-free-bomb.mp3

hint #27: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/fail.mp3

hint #28: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/mic_on.mp3

hint #29: A 'cache-control' header is missing or empty.

blob:https://www.langking … 4a14-bbda-359f0b3e83ac

hint #30: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/mic_off.mp3

hint #31: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/spend-koin.mp3

hint #32: Resource should use cache busting but URL does not match configured patterns.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #33: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

Cache-Control: public, max-age=31536000

hint #34: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/audio/wc-got-xp.mp3

hint #35: A 'cache-control' header contains directives with invalid values: 'stale-while-revalidate=3600'

https://connect.facebook … fb31b085306&ua=modern_es6

Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable

hint #36: Resource should use cache busting but URL does not match configured patterns.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">

hint #37: Static resources should use a 'cache-control' header with 'max-age=31536000' or more.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

Cache-Control: public, max-age=691200

hint #38: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

Cache-Control: public, max-age=691200

hint #39: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/loading.gif

hint #40: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/css/fontface.css

hint #41: A 'cache-control' header contains directives which are not recommended: 'must-revalidate', 'no-store'

https://www.facebook … wants_cookie_data=true

Cache-Control: private, no-cache, no-store, must-revalidate

hint #42: A 'cache-control' header is missing or empty.

https://www.langkingdom … translations/ui/en.json

hint #43: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/support-icon.svg

hint #44: A 'cache-control' header is missing or empty.

https://www.langkingdom … img/send-mess-icon.svg

hint #45: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/call-us-icon.svg

hint #46: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/email-us-icon.svg

hint #47: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://fonts.gstatic … CnqEu92Fr1Mu7GxKOzY.woff2

Cache-Control: public, max-age=31536000

hint #48: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/logo.svg

hint #49: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/icon-appstore.svg

hint #50: A 'cache-control' header is missing or empty.

https://www.langkingdom … landing-rating-icon.svg

hint #51: A 'cache-control' header is missing or empty.

https://www.langkingdom … quick-response-orange.svg

hint #52: A 'cache-control' header is missing or empty.

https://www.langkingdom … img/icon-playstore.svg

hint #53: A 'cache-control' header is missing or empty.

https://www.langkingdom … landing-video-icon.svg

hint #54: A 'cache-control' header is missing or empty.

https://www.langkingdom … icon-news-active.svg

hint #55: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/icon-word-cl.svg

hint #56: A 'cache-control' header is missing or empty.

https://www.langkingdom … landing-playlist-icon.svg

hint #57: A 'cache-control' header is missing or empty.

https://www.langkingdom … landing-skills-icon.svg

hint #58: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/search-icon.svg

hint #59: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/avatar.jpg

hint #60: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/landing-ios.png

hint #61: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/reviewer_5.jpg

hint #62: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/%7B%7Bre.img%7D%7D

hint #63: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/reviewer_1.jpg

hint #64: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/reviewer_2.jpg

hint #65: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/reviewer_3.jpg

hint #66: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/img/reviewer_4.jpg

hint #67: A 'cache-control' header is missing or empty.

https://www.langkingdom … webfont.woff2?v=4.7.0

hint #68: Static resources should use a 'cache-control' header with the 'immutable' directive.

https://fonts.gstatic … CnqEu92Fr1Mu7WxKOzY.woff2

Cache-Control: public, max-age=31536000

hint #69: A 'cache-control' header is missing or empty.

https://www.langkingdom … halflings-regular.woff

hint #70: A 'cache-control' header is missing or empty.

https://www.langkingdom … halflings-regular.ttf

hint #71: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/favicon.ico

hint #72: A 'cache-control' header is missing or empty.

https://www.langkingdom.com/manifest.json

http-compression: 48 hints

hint #1: Response should be compressed with Zopfli when gzip compression is requested.

https://www.google.com … vcRecaptchaApiLoaded

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #2: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.google.com … vcRecaptchaApiLoaded

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #3: Response should be compressed with Zopfli when gzip compression is requested.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

<script async="" src="https://www.googletagmanager.com/gtm.js?id=GTM-P4FFGV4"></script>

hint #4: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … dba99705.firechat.js

<script src="js/dba99705.firechat.js"></script>

hint #5: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … dba99705.firechat.js

<script src="js/dba99705.firechat.js"></script>

hint #6: Response should be compressed with gzip when gzip compression is requested.

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

hint #7: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

hint #8: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … opentip-jquery.min.js

<script src="js/conditional-resource/opentip/opentip-jquery.min.js"></script>

hint #9: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … opentip-jquery.min.js

<script src="js/conditional-resource/opentip/opentip-jquery.min.js"></script>

hint #10: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … howler/howler.custom.js

<script src="js/conditional-resource/howler/howler.custom.js"></script>

hint #11: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … howler/howler.custom.js

<script src="js/conditional-resource/howler/howler.custom.js"></script>

hint #12: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … d2bcda8f.langkingdom.js

<script src="js/d2bcda8f.langkingdom.js"></script>

hint #13: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … d2bcda8f.langkingdom.js

<script src="js/d2bcda8f.langkingdom.js"></script>

hint #14: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … 45371c49.langkingdom.css

<link rel="stylesheet" href="css/45371c49.langkingdom.css">

hint #15: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … 45371c49.langkingdom.css

<link rel="stylesheet" href="css/45371c49.langkingdom.css">

hint #16: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom.com/js/015c29d6.libs.js

<script src="js/015c29d6.libs.js"></script>

hint #17: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom.com/js/015c29d6.libs.js

<script src="js/015c29d6.libs.js"></script>

hint #18: Response should be compressed with gzip when gzip compression is requested.

https://www.youtube.com/iframe_api

<script src="https://www.youtube.com/iframe_api"></script>

hint #19: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com/iframe_api

<script src="https://www.youtube.com/iframe_api"></script>

hint #20: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook.net/en_US/sdk.js

<script id="facebook-jssdk" src="https://connect.facebook.net/en_US/sdk.js"></script>

hint #21: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://connect.facebook.net/en_US/sdk.js

<script id="facebook-jssdk" src="https://connect.facebook.net/en_US/sdk.js"></script>

hint #22: Response should be compressed with Zopfli when gzip compression is requested.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #23: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #24: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook … fb31b085306&ua=modern_es6

<script src="https://connect.facebook.net/en_US/sdk.js?hash=84ca10d5174af6f662cdefb31b085306&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #25: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://connect.facebook … fb31b085306&ua=modern_es6

<script src="https://connect.facebook.net/en_US/sdk.js?hash=84ca10d5174af6f662cdefb31b085306&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #26: Response should be compressed with Zopfli when gzip compression is requested.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">

hint #27: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">

hint #28: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom.com/css/fontface.css

<link rel="stylesheet" property="stylesheet" href="css/fontface.css">

hint #29: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom.com/css/fontface.css

<link rel="stylesheet" property="stylesheet" href="css/fontface.css">

hint #31: Response should be compressed with gzip when gzip compression is requested.

https://www.facebook … wants_cookie_data=true

hint #32: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.facebook … wants_cookie_data=true

hint #33: Response should be compressed with Zopfli when gzip compression is requested.

https://api.langkingdom.com/auth/token

hint #34: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://api.langkingdom.com/auth/token

hint #35: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … translations/ui/en.json

hint #36: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … translations/ui/en.json

hint #37: Response should be compressed with Zopfli when gzip compression is requested.

https://api.langkingdom … get-subscription-plan

hint #38: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://api.langkingdom … get-subscription-plan

hint #39: Response should be compressed with Zopfli when gzip compression is requested.

https://api.langkingdom.com/user/landing-page

hint #40: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://api.langkingdom.com/user/landing-page

hint #41: Response should not be compressed.

https://www.langkingdom … halflings-regular.woff

hint #42: Response should not include 'content-encoding' header.

https://www.langkingdom … halflings-regular.woff

Content-Encoding: gzip

hint #43: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom … halflings-regular.ttf

hint #44: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom … halflings-regular.ttf

hint #45: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom.com/favicon.ico

hint #46: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom.com/favicon.ico

hint #47: Response should be compressed with Zopfli when gzip compression is requested.

https://www.langkingdom.com/manifest.json

<link rel="manifest" href="/manifest.json">

hint #48: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.langkingdom.com/manifest.json

<link rel="manifest" href="/manifest.json">
no-html-only-headers: 22 hints

hint #1: Response should not include unneeded headers: x-xss-protection

https://www.google.com … vcRecaptchaApiLoaded

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #2: Response should not include unneeded headers: x-xss-protection

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

<script async="" src="https://www.googletagmanager.com/gtm.js?id=GTM-P4FFGV4"></script>

hint #3: Response should not include unneeded headers: x-xss-protection

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

hint #4: Response should not include unneeded headers: x-xss-protection

https://www.google.com … BAAEAAAAAAAC~&z=368669326

hint #5: Response should not include unneeded headers: x-xss-protection

https://www.youtube.com/iframe_api

<script src="https://www.youtube.com/iframe_api"></script>

hint #6: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/bonus.mp3

hint #7: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/wc-right.mp3

hint #8: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/wc-wrong.mp3

hint #9: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/wc-tap-char.mp3

hint #10: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/wc-use-bomb.mp3

hint #11: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom … wc-got-free-bomb.mp3

hint #12: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/fail.mp3

hint #13: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/mic_on.mp3

hint #14: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/mic_off.mp3

hint #15: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/spend-koin.mp3

hint #16: Response should not include unneeded headers: x-xss-protection

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #17: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom.com/audio/wc-got-xp.mp3

hint #18: Response should not include unneeded headers: x-xss-protection

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">

hint #19: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom … translations/ui/en.json

hint #20: Response should not include unneeded headers: x-xss-protection

https://fonts.gstatic … CnqEu92Fr1Mu7GxKOzY.woff2

hint #21: Response should not include unneeded headers: x-ua-compatible

https://www.langkingdom … webfont.woff2?v=4.7.0

hint #22: Response should not include unneeded headers: x-xss-protection

https://fonts.gstatic … CnqEu92Fr1Mu7WxKOzY.woff2

performance-budget: 1 hints

hint #1: To load all the resources on a 4G network, it will take about 27.8s in optimal conditions (that is 22.8s more than the 5s target).

https://www.langkingdom.com/en

image-optimization-cloudinary: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

Pitfalls

button-type: 2 hints

hint #1: Button type attribute has not been set.

https://www.langkingdom.com/en

<button class="btn btn-login ng-binding" ng-click="showLogin()">Login | Sign up</button>

hint #2: Button type attribute has not been set.

https://www.langkingdom.com/en

<button class="btn btn-warning cta-start ng-binding" ng-click="showLogin()">

Security

disown-opener: 2 hints

hint #1: Link 'rel' attribute should include 'noopener'.

https://www.langkingdom.com/en

<a href="https://m.me/130958636927179?ref=fanpage-lk" target="_blank">

hint #2: Link 'rel' attribute should include 'noreferrer'.

https://www.langkingdom.com/en

<a href="https://m.me/130958636927179?ref=fanpage-lk" target="_blank">
https-only: 1 hints
no-disallowed-headers: 73 hints

hint #1: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/

x-frame-options: deny

hint #2: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.google.com … vcRecaptchaApiLoaded

x-frame-options: sameorigin

hint #3: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.google.com … vcRecaptchaApiLoaded

expires: wed, 16 sep 2020 22:38:12 gmt

hint #4: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

expires: wed, 16 sep 2020 22:38:12 gmt

hint #5: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

expires: thu, 16 sep 2021 19:51:04 gmt

hint #6: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … dba99705.firechat.js

x-frame-options: deny

hint #7: The 'Pragma' header should not be used, it is deprecated and is a request header only.

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

pragma: no-cache

hint #8: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://stats.g.doublecli … BAAEAAAAAAAC~&z=339912360

expires: fri, 01 jan 1990 00:00:00 gmt

hint #9: The 'Pragma' header should not be used, it is deprecated and is a request header only.

https://www.google.com … BAAEAAAAAAAC~&z=368669326

pragma: no-cache

hint #10: The 'P3P' header should not be used, it is a non-standard header only implemented in Internet Explorer.

https://www.google.com … BAAEAAAAAAAC~&z=368669326

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", cp="noi dev psa psd iva ivd otp our otr ind otc"

hint #11: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.google.com … BAAEAAAAAAAC~&z=368669326

expires: fri, 01 jan 1990 00:00:00 gmt

hint #12: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … opentip-jquery.min.js

x-frame-options: deny

hint #13: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … howler/howler.custom.js

x-frame-options: deny

hint #14: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … d2bcda8f.langkingdom.js

x-frame-options: deny

hint #15: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … 45371c49.langkingdom.css

x-frame-options: deny

hint #16: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/js/015c29d6.libs.js

x-frame-options: deny

hint #17: The 'P3P' header should not be used, it is a non-standard header only implemented in Internet Explorer.

https://www.youtube.com/iframe_api

p3p: cp="this is not a p3p policy! see http://support.google.com/accounts/answer/151657?hl=en for more info."

hint #18: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.youtube.com/iframe_api

expires: tue, 27 apr 1971 19:44:06 gmt

hint #19: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://connect.facebook.net/en_US/sdk.js

x-frame-options: deny

hint #20: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://connect.facebook.net/en_US/sdk.js

expires: wed, 16 sep 2020 22:40:08 gmt

hint #21: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/bonus.mp3

x-frame-options: deny

hint #22: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/wc-right.mp3

x-frame-options: deny

hint #23: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/wc-wrong.mp3

x-frame-options: deny

hint #24: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/wc-tap-char.mp3

x-frame-options: deny

hint #25: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/wc-use-bomb.mp3

x-frame-options: deny

hint #26: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … wc-got-free-bomb.mp3

x-frame-options: deny

hint #27: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/fail.mp3

x-frame-options: deny

hint #28: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/mic_on.mp3

x-frame-options: deny

hint #29: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/mic_off.mp3

x-frame-options: deny

hint #30: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/spend-koin.mp3

x-frame-options: deny

hint #31: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

expires: tue, 14 sep 2021 17:40:03 gmt

hint #32: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/audio/wc-got-xp.mp3

x-frame-options: deny

hint #33: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://connect.facebook … fb31b085306&ua=modern_es6

x-frame-options: deny

hint #34: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://connect.facebook … fb31b085306&ua=modern_es6

expires: thu, 16 sep 2021 20:57:26 gmt

hint #35: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

expires: thu, 24 sep 2020 20:34:56 gmt

hint #36: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/loading.gif

x-frame-options: deny

hint #37: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/css/fontface.css

x-frame-options: deny

hint #38: The 'Pragma' header should not be used, it is deprecated and is a request header only.

https://www.facebook … wants_cookie_data=true

pragma: no-cache

hint #39: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://www.facebook … wants_cookie_data=true

expires: sat, 01 jan 2000 00:00:00 gmt

hint #40: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://api.langkingdom.com/auth/token

x-frame-options: deny

hint #41: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … translations/ui/en.json

x-frame-options: deny

hint #42: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/support-icon.svg

x-frame-options: deny

hint #43: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … img/send-mess-icon.svg

x-frame-options: deny

hint #44: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/call-us-icon.svg

x-frame-options: deny

hint #45: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/email-us-icon.svg

x-frame-options: deny

hint #46: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://fonts.gstatic … CnqEu92Fr1Mu7GxKOzY.woff2

expires: fri, 10 sep 2021 00:48:04 gmt

hint #47: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/logo.svg

x-frame-options: deny

hint #48: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/icon-appstore.svg

x-frame-options: deny

hint #49: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … landing-rating-icon.svg

x-frame-options: deny

hint #50: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … quick-response-orange.svg

x-frame-options: deny

hint #51: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … img/icon-playstore.svg

x-frame-options: deny

hint #52: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … landing-video-icon.svg

x-frame-options: deny

hint #53: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … icon-news-active.svg

x-frame-options: deny

hint #54: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/icon-word-cl.svg

x-frame-options: deny

hint #55: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … landing-playlist-icon.svg

x-frame-options: deny

hint #56: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … landing-skills-icon.svg

x-frame-options: deny

hint #57: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/search-icon.svg

x-frame-options: deny

hint #58: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://api.langkingdom … get-subscription-plan

x-frame-options: deny

hint #59: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/avatar.jpg

x-frame-options: deny

hint #60: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/landing-ios.png

x-frame-options: deny

hint #61: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/reviewer_5.jpg

x-frame-options: deny

hint #62: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/%7B%7Bre.img%7D%7D

x-frame-options: deny

hint #63: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/reviewer_1.jpg

x-frame-options: deny

hint #64: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/reviewer_2.jpg

x-frame-options: deny

hint #65: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/reviewer_3.jpg

x-frame-options: deny

hint #66: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/img/reviewer_4.jpg

x-frame-options: deny

hint #67: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://api.langkingdom.com/user/landing-page

x-frame-options: deny

hint #68: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … webfont.woff2?v=4.7.0

x-frame-options: deny

hint #69: The 'Expires' header should not be used, 'Cache-Control' should be preferred.

https://fonts.gstatic … CnqEu92Fr1Mu7WxKOzY.woff2

expires: sat, 11 sep 2021 04:24:10 gmt

hint #70: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … halflings-regular.woff

x-frame-options: deny

hint #71: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom … halflings-regular.ttf

x-frame-options: deny

hint #72: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/favicon.ico

x-frame-options: deny

hint #73: The 'X-Frame-Options' header should not be used. A similar effect, with more consistent support and stronger checks, can be achieved with the 'Content-Security-Policy' header and 'frame-ancestors' directive.

https://www.langkingdom.com/manifest.json

x-frame-options: deny
sri: 7 hints

hint #1: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #2: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script async="" src="https://www.googletagmanager.com/gtm.js?id=GTM-P4FFGV4"></script>

hint #3: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script src="https://www.youtube.com/iframe_api"></script>

hint #4: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script id="facebook-jssdk" src="https://connect.facebook.net/en_US/sdk.js"></script>

hint #5: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #6: Resource was requested without the 'integrity' attribute.

https://www.langkingdom.com/

<script src="https://connect.facebook.net/en_US/sdk.js?hash=84ca10d5174af6f662cdefb31b085306&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #7: Cross-origin resource needs a 'crossorigin' attribute to be eligible for integrity validation.

https://www.langkingdom.com/

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">
strict-transport-security: 8 hints

hint #1: The 'strict-transport-security' header was not specified.

https://www.google.com … vcRecaptchaApiLoaded

<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=vcRecaptchaApiLoaded" async="" defer="defer">

hint #2: The 'strict-transport-security' header was not specified.

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

hint #3: The 'strict-transport-security' header was not specified.

https://www.google.com … BAAEAAAAAAAC~&z=368669326

hint #4: The 'strict-transport-security' header was not specified.

https://www.youtube.com/iframe_api

<script src="https://www.youtube.com/iframe_api"></script>

hint #5: The 'strict-transport-security' header was not specified.

https://www.gstatic.com … v5xN42-l/recaptcha__en.js

<script type="text/javascript" async="" src="https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js">

hint #6: The 'strict-transport-security' header was not specified.

https://s.ytimg.com/yts … fllwOGT5/www-widgetapi.js

<script type="text/javascript" id="www-widgetapi-script" src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vfllwOGT5/www-widgetapi.js" async="">

hint #7: The 'strict-transport-security' header was not specified.

https://fonts.gstatic … CnqEu92Fr1Mu7GxKOzY.woff2

hint #8: The 'strict-transport-security' header was not specified.

https://fonts.gstatic … CnqEu92Fr1Mu7WxKOzY.woff2

x-content-type-options: 2 hints

hint #1: Response should include 'x-content-type-options' header.

https://www.googletagmana … gtm.js?id=GTM-P4FFGV4

<script async="" src="https://www.googletagmanager.com/gtm.js?id=GTM-P4FFGV4"></script>

hint #2: Response should include 'x-content-type-options' header.

blob:https://www.langking … 4a14-bbda-359f0b3e83ac

no-vulnerable-javascript-libraries: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

ssllabs: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.