Open
Cached
·
14h ago
9
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000 ; includeSubDomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
connection: close transfer-encoding: chunked vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Caching Headers
No caching headers found
Content Headers
No content headers found
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Mon, 13 Apr 2026 02:07:41 GMT
date: Mon, 13 Apr 2026 02:07:41 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching