Open
Cached
·
just now
20
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
Performance Headers
Connection
close
Vary
Origin
connection: close vary: Origin
Caching Headers
No caching headers found
Content Headers
Content-Length
16
Content-Type
application/json
content-length: 16 content-type: application/json
Server Headers
Server
Google Frontend
server: Google Frontend
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Accept-Encoding
gzip, deflate
Date
Sun, 10 May 2026 01:20:54 GMT
Ratelimit-Limit
100
Ratelimit-Remaining
99
Ratelimit-Reset
1
Traceparent
00-d88f27789ae5ab1306f9adf63c2d4989-b5cba49216ce6f7d-01
Tracestate
newrelic=d88f27789ae5ab1306f9adf63c2d4989
X-Cloud-Trace-Context
b9cdcfae180f6421c21e72f7e6636432;o=1
X-Rate-Limit-Duration
1
X-Rate-Limit-Limit
100.00
X-Rate-Limit-Request-Forwarded-For
216.246.40.71
X-Rate-Limit-Request-Remote-Addr
169.254.169.126:17330
accept-encoding: gzip, deflate date: Sun, 10 May 2026 01:20:54 GMT ratelimit-limit: 100 ratelimit-remaining: 99 ratelimit-reset: 1 traceparent: 00-d88f27789ae5ab1306f9adf63c2d4989-b5cba49216ce6f7d-01 tracestate: newrelic=d88f27789ae5ab1306f9adf63c2d4989 x-cloud-trace-context: b9cdcfae180f6421c21e72f7e6636432;o=1 x-rate-limit-duration: 1 x-rate-limit-limit: 100.00 x-rate-limit-request-forwarded-for: 216.246.40.71 x-rate-limit-request-remote-addr: 169.254.169.126:17330
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching