Score: 0 [F]
Modifiers:
[ -5] X-Content-Type-Options header not implemented
[ -10] X-XSS-Protection header not implemented
[ -20] Does not redirect to an HTTPS site
[ -20] HTTP Strict Transport Security (HSTS) header cannot be set for sites not available over HTTPS
[ -20] X-Frame-Options (XFO) header not implemented
[ -25] Content Security Policy (CSP) header not implemented
[ -50] Content is visible via cross-origin resource sharing (CORS) file or headers
Could be good to have an option to provide JSON ouput.
For now output of the tool are hard to parse:
Could be good to have an option to provide JSON ouput.