HTTP Headers Analysis for https://aerdata.nl

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

microphone=(), payment=(), sync-xhr=(self), autoplay=(), camera=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

1 headers

Accept-Ranges

Performance

bytes

Caching Headers

2 headers

Etag

Caching

"81205f773931db1:0"

Last-Modified

Caching

Thu, 07 Nov 2024 17:21:22 GMT

Content Headers

2 headers

Content-Length

Content

3388

Content-Type

Content

text/html

Server Headers

0 headers

No server headers found

CORS Headers

0 headers

No CORS headers found

Cookies Headers

1 headers

Set-Cookie

Cookies

ns_dashboard=4bb3a3d8a8ba15de9db03587d44cf5c38584b6f17aa08c7f49a2cafc6b0c290b2b57db8d;path=/;secure;httponly

Other Headers

2 headers

Content-Security-Policy-Report-Only

Other

default-src 'self'; script-src 'self'; style-src 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self'; frame-ancestors 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'none'

Date

Other

Tue, 10 Feb 2026 14:19:44 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching