stage.luminousindia.com
Risk Score: 0Last scanned: 2025-11-21 13:46:58 UTC • Duration: 18866ms • View Scan Details →
2
Total Scans
Missing
CSP Status
6
Security Headers
0
CSP Violations
Security Headers
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN, DENY
X-XSS-Protection
1; mode=block, 1; mode=block
Permissions-Policy
geolocation=(), microphone=(), camera=(), geolocation=(), microphone=(), camera=()
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content Security Policy
Policy Source: header
default-src 'self'; script-src 'self' 'nonce-naz7KGwdf4SPt9RkvixH+Q==' 'strict-dynamic'; style-src 'self' 'nonce-naz7KGwdf4SPt9RkvixH+Q=='; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://stage.luminousindia.com https://stgblobaccount.blob.core.windows.net https://videodelivery.net; media-src 'self' https://stage.luminousindia.com https://stgblobaccount.blob.core.windows.net https://*.cloudflarestream.com https://*.videodelivery.net; connect-src 'self' https://*.cloudflarestream.com https://*.videodelivery.net https://uatapi.luminousindia.com https://stage-cms.luminousindia.com https://mpdev.luminousindia.com; object-src 'none'; base-uri 'self'; frame-src 'self'; frame-ancestors 'none'; manifest-src 'self'; worker-src 'self' ; upgrade-insecure-requests; report-to csp-endpoint; report-uri https://stage.luminousindia.com/edge-content/csp-report