Open
Cached
·
just now
14
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
accept-ranges: bytes connection: close
Caching Headers
Etag
"1dcb6c1bbcd2499"
Last-Modified
Wed, 18 Mar 2026 10:26:51 GMT
etag: "1dcb6c1bbcd2499" last-modified: Wed, 18 Mar 2026 10:26:51 GMT
Content Headers
Content-Length
793
Content-Type
text/html
content-length: 793 content-type: text/html
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Client-Request-Id
3c14a04b-652f-4074-8e95-826abfe48898
Date
Wed, 25 Mar 2026 23:08:17 GMT
Reporting-Endpoints
csp-report-endpoint="https://mysignins.microsoft.com/api/browserReports/csp-violation"
X-Ms-Correlation-Id
e6d60e36-d119-499a-8de4-c3f4272a4dd3
X-Ms-Gateway-Requestid
52820c87-ce36-4c37-9562-3124a0c680ce
X-Ms-Mysignins-Region
northcentralus
client-request-id: 3c14a04b-652f-4074-8e95-826abfe48898 date: Wed, 25 Mar 2026 23:08:17 GMT reporting-endpoints: csp-report-endpoint="https://mysignins.microsoft.com/api/browserReports/csp-violation" x-ms-correlation-id: e6d60e36-d119-499a-8de4-c3f4272a4dd3 x-ms-gateway-requestid: 52820c87-ce36-4c37-9562-3124a0c680ce x-ms-mysignins-region: northcentralus
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching