Open
Cached
·
just now
15
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=2592000
Content-Security-Policy
Strong
default-src; object-src; frame-ancestors; +6 more
default-src 'self' https://ajax.aspnetcdn.com https://www.gstatic.com https://files.connectwise.com https://cw.connectwise.net https://dc.services.visualstudio.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; upgrade-insecure-requests; img-src 'self' https://files.connectwise.com; script-src 'self' https://www.google.com/recaptcha/api.js https://www.gstatic.com https://ajax.aspnetcdn.com https://js.monitor.azure.com https://az416426.vo.msecnd.net https://dc.services.visualstudio.com; frame-src 'self' https://www.google.com/;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Caching Headers
2 headers
Cache-Control
Caching
no-cache, no-store
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
.AspNetCore.Mvc.CookieTempDataProvider=CfDJ8LpTHjj16PtFk_LunEVfmQ262rHeIFSfddjLnVk997mapuBvz3Q8vdfoEDldliD1DQEfhws9tM2edEK8Q7FD0AKo0_pVEpZA2oyBpdZHaB9hPbTL2cQOwKAbdgWaVPvaAfNOinh9xXMlkZtX5mWg3VQ; path=/; samesite=lax; httponly
Other Headers
4 headers
Date
Other
Tue, 20 Jan 2026 16:43:18 GMT
Request-Context
Other
appId=cid-v1:8c840049-9326-4bfd-a71a-b9067546d9cc
X-Content-Security-Policy
Other
default-src 'self' https://ajax.aspnetcdn.com https://www.gstatic.com https://files.connectwise.com https://cw.connectwise.net https://dc.services.visualstudio.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; upgrade-insecure-requests; img-src 'self' https://files.connectwise.com; script-src 'self' https://www.google.com/recaptcha/api.js https://www.gstatic.com https://ajax.aspnetcdn.com https://js.monitor.azure.com https://az416426.vo.msecnd.net https://dc.services.visualstudio.com; frame-src 'self' https://www.google.com/;
X-Request-Id
Other
f3d9659c-b65d-485f-a820-288627a9ca48
Recommendations
Enable compression (gzip/brotli) to improve performance