Open
Cached
·
just now
13
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
connection: close
Caching Headers
Cache-Control
no-cache, private
cache-control: no-cache, private
Content Headers
Content-Length
122
Content-Type
application/json
content-length: 122 content-type: application/json
Server Headers
Server
istio-envoy
server: istio-envoy
CORS Headers
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
access-control-allow-headers: * access-control-allow-methods: *
Cookies Headers
Set-Cookie
PHPSESSID
nie9carc5q1kf2n3usaojhm2i5
nie9carc5q1kf2n3usaojhm2i5
path=/
secure
GEO_LOC
1%7C1455495%7C10014%7C408%7CLincoln%7CWashington%20DC%7CDistrict%20of%20Columbia%7Clincoln%7Cwashington-dc-maryland-northern-virginia%7Cdc-district-of-columbia%7C511%7CDC%7C39.0469%7C-77.4903
1%7C1455495%7C10014%7C408%7CLincoln%7CWashington%20DC%7CDistrict%20of%20Columbia%7Clincoln%7Cwashington-dc-maryland-northern-virginia%7Cdc-district-of-columbia%7C511%7CDC%7C39.0469%7C-77.4903
path=/
domain=.weddingwire.com
SameSite=Lax
secure
Max-Age=12w
expires=12w
tkww_op
78866b774dbf4865868f736f1c70d80c
78866b774dbf4865868f736f1c70d80c
path=/
domain=.api.weddingwire.com
Secure
datadome
i2RkQpbBcmL8_0Wu3aicXJTp9Jd8QkuslXBRKMk6jIHjJTt28usode_NEwi4PBd7Q44tUsk~hFLnc6OfZr9jZ2qUqPzrKqyCJfmlij5don5uWf6HdJ5BUM2AmI2dReTP
i2RkQpbBcmL8_0Wu3aicXJTp9Jd8QkuslXBRKMk6jIHjJTt28usode_NEwi4PBd7Q44tUsk~hFLnc6OfZr9jZ2qUqPzrKqyCJfmlij5don5uWf6HdJ5BUM2AmI2dReTP
Path=/
Domain=.weddingwire.com
SameSite=Lax
Secure
Max-Age=52w
Other Headers
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Date
Sun, 24 May 2026 09:15:22 GMT
X-Datadome
protected
X-Envoy-Upstream-Service-Time
50
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory date: Sun, 24 May 2026 09:15:22 GMT x-datadome: protected x-envoy-upstream-service-time: 50
Recommendations
Enable compression (gzip/brotli) to improve performance