SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for new-agenda.redsalud.cl, not for 32.139.120.34.bc.googleusercontent.com
Open
Cached
·
just now
17
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=3104000
Content-Security-Policy
Basic
default-src; script-src; style-src; +7 more
default-src 'self' https://cdn.pixabay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://dev.visualwebsiteoptimizer.com https://apps.mypurecloud.com https://googleads.g.doubleclick.net https://paperform.co https://www.googleadservices.com/ https://unpkg.com https://fb.me https://cdnjs.cloudflare.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ stats.g.doubleclick.net https://www.clarity.ms https://connect.facebook.net; style-src 'self' 'unsafe-inline' https://www.googletagmanager.com/debug/badge.css tagmanager.google.com fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src data: 'self' cdn.pushcrew.com https://www.google.cl https://www.google.com https://dev.visualwebsiteoptimizer.com https://script.google.com https://googleads.g.doubleclick.net https://fonts.gstatic.com/ https://redsaludprodstatics.blob.core.windows.net/ https://c.bing.com/ https://c.clarity.ms/ https://flagcdn.com/ https://storage.googleapis.com https://proxy.megasalud.cl https://proxy-qa.redsalud.cl https://www.google.cl/ads/ https://www.google.com/ads/ https://www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com/recaptcha stats.g.doubleclick.net/r/ https://stats.g.doubleclick.net/r/collect https://www.facebook.com; frame-src 'self' https://apps.mypurecloud.com https://bhio8byv.paperform.co/ https://td.doubleclick.net https://www.googletagmanager.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://google.com https://api-cdn.mypurecloud.com https://api.mypurecloud.com wss://webmessaging.mypurecloud.com https://www.facebook.com https://dev.visualwebsiteoptimizer.com https://www.google.com/ccm/ https://analytics.google.com https://backoffice.megasalud.cl https://browser-intake-datadoghq.com https://browser-intake-datadoghq.com/api/v2/ https://*.browser-intake-datadoghq.com https://*.clarity.ms/collect https://p.clarity.ms/collect https://b.clarity.ms/collect http://analytics.google.com https://www.google-analytics.com https://redsalud-prod.apigee.net https://stats.g.doubleclick.net https://ampcid.google.com https://agenda.redsalud.cl https://proxy-qa.redsalud.cl https://proxy.megasalud.cl https://agendaback.redsalud.cl https://www.clarity.ms; worker-src blob:; object-src 'none'; child-src blob:;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Vary
Performance
Accept-Encoding
Caching Headers
1 headers
Etag
Caching
"157f196blw2b56"
Content Headers
2 headers
Content-Length
Content
14444
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Google Frontend
X-Powered-By
Server
Next.js
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
GAESA=CpYBMDAxNDc3ODI5NmI4MWMwM2YwZWRkYTlmMTFiZWU0NDJlYzZlZmRjMTdlZTAyNTgyMmZhZjQ1ZjQzYTk5NWZjYWFiZmU4MTVhMTU0OTRkZTQ3OGIxMDRhOTM1YmM3MDExZmFmMmNlMmJlN2U4ZTczYzQzZmM4MDIxM2I1OWRiZjc4OGMxMWVhYjQzZGZlMTk5YTNmNGVkEMjAufevMw; expires=Wed, 07-Jan-2026 17:07:06 GMT; path=/
Other Headers
4 headers
Alt-Svc
Other
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Other
Mon, 08 Dec 2025 17:07:06 GMT
Via
Other
1.1 google
X-Cloud-Trace-Context
Other
46f7d6987e5c7dc332905b6357e093fe
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching
Consider removing X-Powered-By header to hide server technology
Analysis completed in 642ms