{ "scan": { "algorithmVersion": 4, "grade": "B", "error": null, "score": 70, "statusCode": 200, "testsFailed": 2, "testsPassed": 8, "testsQuantity": 10, "responseHeaders": { "server": "nginx", "date": "Sun, 16 Nov 2025 04:43:28 GMT", "content-type": "text/html; charset=utf-8", "content-length": "480", "connection": "close", "vary": "X-Forwarded-Proto,Accept-Encoding", "last-modified": "Thu, 10 Jul 2025 20:06:26 GMT", "etag": "\"53c-63998ba705480-gzip\"", "accept-ranges": "bytes", "cache-control": "no-cache, no-store, must-revalidate", "expires": "-1", "x-tableau": "Tableau Server", "p3p": "CP=\"NON\"", "x-ua-compatible": "IE=Edge", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode=block", "referrer-policy": "no-referrer-when-downgrade", "content-security-policy-report-only": "connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data: tableau-desktop:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob: 'wasm-unsafe-eval'; style-src * 'unsafe-inline'", "x-frame-options": "SAMEORIGIN", "pragma": "no-cache", "strict-transport-security": "max-age=15780000; includeSubDomains" } }, "tests": { "content-security-policy": { "expectation": "csp-implemented-with-no-unsafe", "pass": false, "result": "csp-not-implemented-but-reporting-enabled", "scoreModifier": -25, "data": null, "http": false, "meta": false, "policy": null, "numPolicies": 0 }, "cookies": { "expectation": "cookies-secure-with-httponly-sessions", "pass": true, "result": "cookies-not-found", "scoreModifier": 0, "data": null, "sameSite": false }, "cross-origin-resource-sharing": { "expectation": "cross-origin-resource-sharing-not-implemented", "pass": true, "result": "cross-origin-resource-sharing-not-implemented", "scoreModifier": 0, "data": null }, "redirection": { "expectation": "redirection-to-https", "pass": true, "result": "redirection-to-https", "scoreModifier": 0, "destination": "https://tableau-public.discomap.eea.europa.eu/", "redirects": true, "route": [ "http://tableau-public.discomap.eea.europa.eu/", "https://tableau-public.discomap.eea.europa.eu/" ], "statusCode": 200 }, "referrer-policy": { "expectation": "referrer-policy-private", "pass": false, "result": "referrer-policy-unsafe", "scoreModifier": -5, "data": "no-referrer-when-downgrade", "http": true, "meta": false }, "strict-transport-security": { "expectation": "hsts-implemented-max-age-at-least-six-months", "pass": true, "result": "hsts-implemented-max-age-at-least-six-months", "scoreModifier": 0, "data": "max-age=15780000; includeSubDomains", "includeSubDomains": true, "maxAge": 15780000, "preload": false, "preloaded": false }, "subresource-integrity": { "expectation": "sri-implemented-and-external-scripts-loaded-securely", "pass": true, "result": "sri-not-implemented-but-all-scripts-loaded-from-secure-origin", "scoreModifier": 0, "data": {} }, "x-content-type-options": { "expectation": "x-content-type-options-nosniff", "pass": true, "result": "x-content-type-options-nosniff", "scoreModifier": 0, "data": "nosniff" }, "x-frame-options": { "expectation": "x-frame-options-sameorigin-or-deny", "pass": true, "result": "x-frame-options-sameorigin-or-deny", "scoreModifier": 0, "data": "SAMEORIGIN" }, "cross-origin-resource-policy": { "expectation": "corp-implemented-with-same-site", "pass": true, "result": "corp-not-implemented", "scoreModifier": 0, "data": null, "http": false, "meta": false } } }