I am using v 1.30 of Humble and tried out the JSON output.

In case the target is not reachable, the output of "Missing Security Headers" should be empty. Right now the output indicates that the target is available.

See at the following output example:

https://github.com/DefectDojo/django-DefectDojo/pull/8989/files#diff-ff6a401d1d37c4f253ab3df1e2c0963f254bb27a23d687542eaf105766f9608d