HTTP Headers Analysis for https://access.redhat.com

Detected Technologies from Headers

See all in URL Inspect 1

Apache

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=86400 ; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

No caching headers found

Content Headers

Content-Type

Content

text/html;charset=utf-8

content-type: text/html;charset=utf-8

Server Headers

Server

Apache

server: Apache

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: akaalb_prod_access_ssr_homepage=~op=lb_prod_access_ssr_homepage:prod_access_mpp_aws_us_east_1|~rv=35~m=prod_access_mpp_aws_us_east_1:0|~os=e57e3bcc62a7d1de2da1aa52bd597b22~id=3a6af32e800919dc20173cf5264575d0; path=/; HttpOnly; Secure; SameSite=None; Domain=.access.redhat.com

Other Headers

Date

Other

Sat, 09 May 2026 09:08:23 GMT

X-Rh-Edge-Cache-Status

Other

Hit from child

X-Rh-Edge-Reference-Id

Other

0.cd69dc17.1778317703.2a9298d2

X-Rh-Edge-Request-Id

Other

2a9298d2

X-Ssr-App-Code

Other

CPHP-001

X-Ssr-App-Release

Other

1265920b

X-Ssr-Deployed-On

Other

2026-05-07T06:40:09+00:00

X-Ssr-Platform-Release

Other

1.26.0

date: Sat, 09 May 2026 09:08:23 GMT
x-rh-edge-cache-status: Hit from child
x-rh-edge-reference-id: 0.cd69dc17.1778317703.2a9298d2
x-rh-edge-request-id: 2a9298d2
x-ssr-app-code: CPHP-001
x-ssr-app-release: 1265920b
x-ssr-deployed-on: 2026-05-07T06:40:09+00:00
x-ssr-platform-release: 1.26.0

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching