Open
Cached
·
2h ago
13
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
accelerometer=(), camera=(), geolocation=(self); +5 more
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
Connection
close
Transfer-Encoding
chunked
connection: close transfer-encoding: chunked
Caching Headers
No caching headers found
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Sun, 10 May 2026 02:16:06 GMT
Request-Context
appId=cid-v1:731f0007-4f15-4190-963f-f14403194ac3
X-Content-Security-Policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src-elem 'self' https://fonts.googleapis.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self';
X-Robots-Tag
nofollow, noindex
date: Sun, 10 May 2026 02:16:06 GMT request-context: appId=cid-v1:731f0007-4f15-4190-963f-f14403194ac3 x-content-security-policy: default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src-elem 'self' https://fonts.googleapis.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; x-robots-tag: nofollow, noindex
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching