Sometimes the response for a GET-request to https://api.securityheaders.com/?q=https%3a%2f%2fwww.hiddenurl.no&hide=on don't include the correct data in content. Example response: ``` { "Version": "1.1", "Content": { "Headers": [ { "Key": "Content-Type", "Value": [ "text/html; charset=utf-8" ] } ] }, "StatusCode": 200, "ReasonPhrase": "OK", "Headers": [ { "Key": "Date", "Value": [ "Wed, 13 Sep 2023 11:49:38 GMT" ] }, { "Key": "Transfer-Encoding", "Value": [ "chunked" ] }, { "Key": "Connection", "Value": [ "keep-alive" ] }, { "Key": "Vary", "Value": [ "Accept-Encoding" ] }, { "Key": "Access-Control-Allow-Origin", "Value": [ "*" ] }, { "Key": "Content-Security-Policy", "Value": [ "default-src 'self'; script-src 'self' js.stripe.com static.cloudflareinsights.com www.google.com/recaptcha/api.js www.gstatic.com/recaptcha/releases/; img-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com; font-src 'self' fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-src js.stripe.com www.google.com; report-uri https://scotthelme.report-uri.com/r/d/csp/enforce; report-to default" ] }, { "Key": "Strict-Transport-Security", "Value": [ "max-age=31536000; includeSubDomains; preload" ] }, { "Key": "Referrer-Policy", "Value": [ "strict-origin-when-cross-origin" ] }, { "Key": "X-Frame-Options", "Value": [ "SAMEORIGIN" ] }, { "Key": "X-XSS-Protection", "Value": [ "1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce" ] }, { "Key": "X-Content-Type-Options", "Value": [ "nosniff" ] }, { "Key": "Expect-CT", "Value": [ "max-age=0, report-uri=\"https://scotthelme.report-uri.com/r/d/ct/reportOnly\"" ] }, { "Key": "permissions-policy", "Value": [ "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" ] }, { "Key": "report-to", "Value": [ "{\"group\":\"default\",\"max_age\":31536000,\"endpoints\":[{\"url\":\"https://scotthelme.report-uri.com/a/d/g\"}],\"include_subdomains\":true}" ] }, { "Key": "nel", "Value": [ "{\"report_to\":\"default\",\"max_age\":31536000,\"include_subdomains\":true}" ] }, { "Key": "Cache-Control", "Value": [ "public, max-age=60" ] }, { "Key": "cross-origin-embedder-policy-report-only", "Value": [ "require-corp; report-to=\"default\"" ] }, { "Key": "cross-origin-opener-policy-report-only", "Value": [ "same-origin; report-to=\"default\"" ] }, { "Key": "CF-Cache-Status", "Value": [ "DYNAMIC" ] }, { "Key": "Server", "Value": [ "cloudflare" ] }, { "Key": "Alt-Svc", "Value": [ "h3=\":443\"" ] } ], "TrailingHeaders": [], "RequestMessage": { "Version": "1.1", "VersionPolicy": 0, "Content": null, "Method": { "Method": "GET" }, "RequestUri": "https://api.securityheaders.com/?q=https%3a%2f%2fwww.hiddenurl.com&hide=on", "Headers": [ { "Key": "x-api-key", "Value": [ "hidden" ] } ], "Properties": {}, "Options": {} }, "IsSuccessStatusCode": true } ```
Sometimes the response for a GET-request to https://api.securityheaders.com/?q=https%3a%2f%2fwww.hiddenurl.no&hide=on don't include the correct data in content.
Example response: