HTTP Headers for httpninja.com

Score

A

Recommendations

Missing HeaderDescription

Header Issues

Header Issues

Header Issue
Content-Security-Policy contains unsafe-inline or unsafe-eval

Raw Headers

Header NameValue
Servernginx
DateFri, 26 Jul 2024 00:49:01 GMT
Content-Typetext/html; charset=UTF-8
Connectionkeep-alive
X-Powered-ByPleskLin
Content-Security-Policydefault-src 'self'; script-src 'self' 'unsafe-inline' https://code.jquery.com https://stackpath.bootstrapcdn.com; style-src 'self' 'unsafe-inline' https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://httpninja.com;
X-Frame-OptionsDENY
X-Content-Type-Optionsnosniff
Referrer-Policyno-referrer-when-downgrade
Permissions-Policygeolocation=(), microphone=()
X-XSS-Protection1; mode=block
Expect-CTmax-age=86400, enforce
Cache-Controlno-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Origin*
Strict-Transport-Securitymax-age=15768000; includeSubDomains