HTTP Headers Analysis for https://clickipo.com

Detected Technologies from Headers

See all in URL Inspect 2

Cloudflare CDN

Express

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

no-store

cache-control: no-store

Content Headers

Content-Type

Content

text/html

content-type: text/html

Server Headers

Server

cloudflare

X-Powered-By

Server

Express

server: cloudflare
x-powered-by: Express

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: ipocalendar_live_u2main=bus|1772024137202x594183351384263100|1772024137369x964753433225111300; path=/; expires=Sat, 28 Feb 2026 12:55:37 GMT; domain=click.markets; samesite=none; secure; httponly
ipocalendar_live_u2main.sig=nguhl8Uc2EcGiMle4s8rE3EalYA; path=/; expires=Sat, 28 Feb 2026 12:55:37 GMT; domain=click.markets; samesite=none; secure; httponly
ipocalendar_u1main=1772024137202x594183351384263100; path=/; domain=click.markets; samesite=none; secure

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9d375ba789021f96-IAD

Date

Other

Wed, 25 Feb 2026 12:55:38 GMT

X-Bubble-Capacity-Limit

Other

0 ms slower

X-Bubble-Capacity-Used

Other

0.262 unit-seconds used

X-Bubble-Perf

Other

{"total":1163.6,"percents":{"top":{"bubble_cpu":8.6,"block":91.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":85.4,"appserver_cache_misses_time":0,"redis":37.1,"fiber_queue":33.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":120,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":47,"fiber_queue":183,"blocks":182},"misc":{"userdb_results":3,"userdb_data":153470,"spent_time":17023343}}

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9d375ba789021f96-IAD
date: Wed, 25 Feb 2026 12:55:38 GMT
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.262 unit-seconds used
x-bubble-perf: {"total":1163.6,"percents":{"top":{"bubble_cpu":8.6,"block":91.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":85.4,"appserver_cache_misses_time":0,"redis":37.1,"fiber_queue":33.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":120,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":47,"fiber_queue":183,"blocks":182},"misc":{"userdb_results":3,"userdb_data":153470,"spent_time":17023343}}

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology