Open
Cached
·
just now
12
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=604800
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
keep-alive
Caching Headers
1 headers
Etag
Caching
W/"2b59-QW9MSCyo/rPEaRHZnbfk0ch2VK8"
Content Headers
2 headers
Content-Length
Content
11456
Content-Type
Content
text/html; charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
bm_mi=5D3A4B453800B11BE89D59F2226BE80F~YAAQcw80F988qFSaAQAAY0rDXx17UvQAo3K7IUsIjqmbnHPpbj3BYbABP3HDXEiogNyev/GziIKYEBiV/CgRao9w2/s0ckByABKPooAY5C21ETc/j6thQSGQEIRJHtITvozO0dFSvYNWyDDNttjf0JulV9MbIsjvBoNNRFx0ml2ErMmN2xyYgXcunt9oYMaQ+MNsWnAXuJtmOswPVJ3LInuQZNaexNlcdsxNPFk1g2vaVPXSHfdynKZKB/A0iFOekFcer+73nufqKxhV65sQP5YFINfcpl9+UGShvOb/xR9m254XsIiNIpDWVfU=~1; Domain=.apiary.io; Path=/; Expires=Fri, 07 Nov 2025 19:20:25 GMT; Max-Age=0; Secure
Other Headers
3 headers
Akamai-Grn
Other
0.730f3417.1762543225.19c354fe
Date
Other
Fri, 07 Nov 2025 19:20:25 GMT
X-Akamai-Transformed
Other
0 - 0 -
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching
Analysis completed in 141ms