asd.lt

Risk Score: 0

Last scanned: 2025-07-12 21:07:56 UTC

1
Total Scans
Present
CSP Status
6
Security Headers
0
CSP Violations

Security Headers

Referrer-Policy
same-origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains

Content Security Policy

Policy Source: header
default-src https: data: 'unsafe-inline' 'unsafe-eval'

Directives

default-src:
https: data: 'unsafe-eval' 'unsafe-inline'

Security Issues

Unsafe eval() execution allowed in default-src
Unsafe inline execution allowed in default-src
Missing recommended values for default-src: self
Missing critical directive script-src (JavaScript source control)
Missing critical directive object-src (Plugin control)
Missing critical directive base-uri (Base URI control)
Missing critical directive frame-ancestors (Framing control)
Missing critical directive sandbox (Content isolation)