Content-Security-Policy Analysis for https://api.withorca.com

Open Cached · just now

4 directives

Content-Security-Policy: default-src 'none';object-src 'none';frame-ancestors 'none';upgrade-insecure-requests 'block-all-mixed-content'

default-src Keyword —

'none'

object-src Keyword —

'none'

frame-ancestors Keyword —

'none'

upgrade-insecure-requests Keyword —

'block-all-mixed-content'

No report-only CSP headers found.