karpol.lt
Risk Score: 20Last scanned: 2025-07-16 06:01:20 UTC • Duration: 22997ms • View Scan Details →
2
Total Scans
Missing
CSP Status
4
Security Headers
0
CSP Violations
Security Headers
Referrer-Policy
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
Permissions-Policy
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content Security Policy
Policy Source: header
default-src 'self' 'unsafe-inline' 'unsafe-eval' powerbi.com *.powerbi.com vimeo.com *.userway.org *.vimeo.com *.paysera.com paysera.com *.doubleclick.net doubleclick.net *.googleadservices.com googleadservices.com *.bing.com *.tawk.to *.youtube.com *.ytimg.com *.jsdelivr.net t.ssl.ak.dynamic.tiles.virtualearth.net dev.virtualearth.net placeimg.com data: www.googletagmanager.com maps.googleapis.com www.youtube-nocookie.com www.youtube.com t0-flt.ssl.ak.dynamic.tiles.virtualearth.net fonts.gstatic.com connect.facebook.net www.facebook.com www.google-analytics.com cdnjs.cloudflare.com www.googleapis.com www.gstatic.com maps.gstatic.com www.google.com www.google.lt stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: *.jsdelivr.net maps.gstatic.com www.googleapis.com *.userway.org fonts.googleapis.com *.bing.com dev.virtualearth.net; frame-ancestors 'self'; connect-src 'self' virtualearth.net *.virtualearth.net *.userway.org facebook.com *.facebook.com *.bing.com google-analytics.com *.google-analytics.com wss://*.tawk.to *.tawk.to; form-action 'self' vimeo.com *.vimeo.com bank.paysera.com facebook.com *.facebook.com