besra.com
Risk Score: 20Last scanned: 2025-08-25 09:09:24 UTC • Duration: 25049ms • View Scan Details →
2
Total Scans
Missing
CSP Status
4
Security Headers
0
CSP Violations
Security Headers
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
Permissions-Policy
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content Security Policy
Policy Source: header
frame-ancestors https://*.besra.com, default-src 'none'; script-src 'strict-dynamic' https://www.besra.com 'nonce-${NONCE}' 'self'; style-src 'self' https://www.besra.com 'nonce-${NONCE}'; img-src https: 'self' https://www.besra.com data:; font-src https: 'self' https://www.besra.com https://fonts.gstatic.com; connect-src https: 'self' https://www.besra.com; media-src https: 'self'; object-src 'none'; frame-src 'none'; worker-src 'self'; frame-ancestors 'none' https://www.besra.com/; form-action 'self'; base-uri 'self'; manifest-src 'self'; upgrade-insecure-requests; block-all-mixed-content;