Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Basic
default-src; font-src; img-src; +4 more
default-src 'self' https:; font-src 'self' fonts.gstatic.com https: data:; img-src 'self' https: blob: data:; object-src 'self'; frame-ancestors 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' js-agent.newrelic.com https:; style-src 'self' 'unsafe-inline' fonts.googleapis.com https:
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"51f148eb2efe5c4a59a178109e80e92f"
Content Headers
2 headers
Content-Length
Content
33417
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
X-Runtime
Server
0.012196
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_CloudVault_session=xjPfkR3qKBTD8T9PQTQU1kiyqdO8u6lBE%2FcId9CQKsxTa%2BKhPk%2BlxchWUWTeAm4w2gK%2BgCRIAyhAG%2BPYr234dUf2r2I4HFtek1TCHG5jgjVddqRQrNknX%2BnxFhuJheaZGuWFhcpPAAxin0nxHiSJLR3ZSazpb5hLRpdHfbuZCSPgVqqtODu45yCbXq3vax84lq9mdw4WDmwgNIj%2BqLX8%2BJuMIJguXT9gOUvH%2BjIQpS4JgFtoSa4LadUCav%2FgZjAWn1Qvu4sy98Yruh%2Fd5yPULFbbS%2BUosKRWd%2BYG--JJ5Em4LLQgKwhF1b--w0H%2F%2BR3%2F47br%2FSOMqB2KUw%3D%3D; path=/; secure; httponly; samesite=lax
Other Headers
5 headers
Date
Other
Mon, 26 Jan 2026 09:32:51 GMT
Link
Other
</files/theme-c6d173e046c450ccb3131a7d6c365eec2cdbcfa6c4734e761e4a5257f4b17e2e.css>; rel=preload; as=style; integrity=sha256-vwqZY+7kq5y6wei3fs5HJqsEgoO16Vhzb+uaWhOQZXk=; nopush,</files/admin-forms-66e51c01ba3665d5c030414d83a4b886bba342c60efb0d52d9df79b19bc59e0e.css>; rel=preload; as=style; integrity=sha256-GsqMm/v4ON88eYUaDinu88C0Ml6QBN7+1AyRRuomfbw=; nopush,</files/application-5f31bfefb36db5d414184e4757c0839ccb43250c2f6409b1e919a7ecb00cd484.css>; rel=preload; as=style; integrity=sha256-PbviH5kCdoztQsNoO8WpcDOqzttZCfwMOdXnIa6L5Ls=; nopush,</packs/js/runtime-3134bfac71aa0e8ba648.js>; rel=preload; as=script; crossorigin=anonymous; integrity=sha384-UDJfuwGTlTSjlE6RksWhlGS5yZ9v2prZ+fZtSEuUOAMD0TS2H/tXTinY0IGThKN0; nopush,</packs/js/1979-bbb64129a785c91118cd.js>; rel=preload; as=script; crossorigin=anonymous; integrity=sha384-XIRkcmQsCcR7LdMHapkrUTHDlfe64Ix15BwtsAT8dMH9YZM1aMivP4lWlKIoJPCh; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
836cac28-73c4-4f8f-9902-c2c8824b1840
Recommendations
Enable compression (gzip/brotli) to improve performance