asd.lt
Risk Score: 0Last scanned: 2025-07-12 21:07:56 UTC
1
Total Scans
Present
CSP Status
6
Security Headers
0
CSP Violations
Security Headers
Referrer-Policy
same-origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content Security Policy
Policy Source: header
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Directives
default-src:
https: data: 'unsafe-eval' 'unsafe-inline'
Security Issues
Unsafe eval() execution allowed in default-src
Unsafe inline execution allowed in default-src
Missing recommended values for default-src: self
Missing critical directive script-src (JavaScript source control)
Missing critical directive object-src (Plugin control)
Missing critical directive base-uri (Base URI control)
Missing critical directive frame-ancestors (Framing control)
Missing critical directive sandbox (Content isolation)