{"domain":"example.com","https_enabled":true,"score":0,"score_class":"score-low","headers":[{"name":"content-security-policy","value":null,"present":false,"recommendation":"Controls resources the browser can load. Prevents XSS."},{"name":"x-content-type-options","value":null,"present":false,"recommendation":"Prevents MIME type sniffing. Should be 'nosniff'."},{"name":"x-frame-options","value":null,"present":false,"recommendation":"Controls framing. Use CSP frame-ancestors instead."},{"name":"strict-transport-security","value":null,"present":false,"recommendation":"Forces HTTPS. Recommended: max-age=31536000; includeSubDomains"},{"name":"referrer-policy","value":null,"present":false,"recommendation":"Controls referrer info. Recommended: strict-origin-when-cross-origin"},{"name":"permissions-policy","value":null,"present":false,"recommendation":"Controls browser features. Recommended: camera=(), microphone=(), geolocation=()"},{"name":"x-xss-protection","value":null,"present":false,"recommendation":"Deprecated. Use Content-Security-Policy instead."},{"name":"cross-origin-opener-policy","value":null,"present":false,"recommendation":"Controls cross-origin window access. Recommended: same-origin"},{"name":"cross-origin-resource-policy","value":null,"present":false,"recommendation":"Controls cross-origin resource access. Recommended: same-origin"},{"name":"cross-origin-embedder-policy","value":null,"present":false,"recommendation":"Controls cross-origin embedding. Recommended: require-corp"}],"errors":["Missing header: content-security-policy","Missing header: x-content-type-options","Missing header: x-frame-options","Missing header: strict-transport-security","Missing header: referrer-policy","Missing header: permissions-policy","Missing header: x-xss-protection","Missing header: cross-origin-opener-policy","Missing header: cross-origin-resource-policy","Missing header: cross-origin-embedder-policy","Missing recommended header: content-security-policy","Missing recommended header: x-content-type-options","Missing recommended header: strict-transport-security","Missing recommended header: referrer-policy"],"successes":["HTTPS is enabled"],"issues":[{"issue":"Missing: content-security-policy","recommendation":"Controls resources the browser can load. Prevents XSS."},{"issue":"Missing: x-content-type-options","recommendation":"Prevents MIME type sniffing. Should be 'nosniff'."},{"issue":"Missing: x-frame-options","recommendation":"Controls framing. Use CSP frame-ancestors instead."},{"issue":"Missing: strict-transport-security","recommendation":"Forces HTTPS. Recommended: max-age=31536000; includeSubDomains"},{"issue":"Missing: referrer-policy","recommendation":"Controls referrer info. Recommended: strict-origin-when-cross-origin"},{"issue":"Missing: permissions-policy","recommendation":"Controls browser features. Recommended: camera=(), microphone=(), geolocation=()"},{"issue":"Missing: x-xss-protection","recommendation":"Deprecated. Use Content-Security-Policy instead."},{"issue":"Missing: cross-origin-opener-policy","recommendation":"Controls cross-origin window access. Recommended: same-origin"},{"issue":"Missing: cross-origin-resource-policy","recommendation":"Controls cross-origin resource access. Recommended: same-origin"},{"issue":"Missing: cross-origin-embedder-policy","recommendation":"Controls cross-origin embedding. Recommended: require-corp"},{"issue":"Missing recommended header: content-security-policy","recommendation":"Review and fix this security issue"},{"issue":"Missing recommended header: x-content-type-options","recommendation":"Review and fix this security issue"},{"issue":"Missing recommended header: strict-transport-security","recommendation":"Review and fix this security issue"},{"issue":"Missing recommended header: referrer-policy","recommendation":"Review and fix this security issue"}],"raw_headers":[{"name":"date","value":"Fri, 17 Apr 2026 16:26:54 GMT"},{"name":"content-type","value":"text/html"},{"name":"transfer-encoding","value":"chunked"},{"name":"connection","value":"keep-alive"},{"name":"server","value":"cloudflare"},{"name":"last-modified","value":"Tue, 14 Apr 2026 05:43:19 GMT"},{"name":"allow","value":"GET, HEAD"},{"name":"accept-ranges","value":"bytes"},{"name":"age","value":"4553"},{"name":"cf-cache-status","value":"HIT"},{"name":"cf-ray","value":"9edccb4c6cb91243-ARN"}]}