ZAP API Scan Report

[github-actions]

• Site: https://security.c4po.dev
  New Alerts
  • Content Security Policy (CSP) Header Not Set [10038] total: 1:
    • https://security.c4po.dev
  • Cross-Domain Misconfiguration [10098] total: 1:
    • https://security.c4po.dev
  • Missing Anti-clickjacking Header [10020] total: 1:
    • https://security.c4po.dev
  • Strict-Transport-Security Header Not Set [10035] total: 1:
    • https://security.c4po.dev
  • Unexpected Content-Type was returned [100001] total: 56:
    • https://security.c4po.dev
    • https://security.c4po.dev/
    • https://security.c4po.dev/._darcs
    • https://security.c4po.dev/.bzr
    • https://security.c4po.dev/.DS_Store
    • ..
  • X-Content-Type-Options Header Missing [10021] total: 1:
    • https://security.c4po.dev
  • A Client Error response code was returned by the server [100000] total: 54:
    • https://security.c4po.dev/._darcs
    • https://security.c4po.dev/.bzr
    • https://security.c4po.dev/.DS_Store
    • https://security.c4po.dev/.env
    • https://security.c4po.dev/.git/config
    • ..
  • Information Disclosure - Suspicious Comments [10027] total: 1:
    • https://security.c4po.dev
  • Modern Web Application [10109] total: 1:
    • https://security.c4po.dev
  • Re-examine Cache-control Directives [10015] total: 1:
    • https://security.c4po.dev
  • Retrieved from Cache [10050] total: 1:
    • https://security.c4po.dev

View the following link to download the report.
RunnerID:9255714742