Open
Cached
·
just now
16
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Cache-Control
max-age=0, must-revalidate, no-cache, no-store, private
Expires
Fri, 08 May 2026 03:22:28 GMT
Pragma
no-cache
cache-control: max-age=0, must-revalidate, no-cache, no-store, private expires: Fri, 08 May 2026 03:22:28 GMT pragma: no-cache
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
Apache
server: Apache
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Fri, 08 May 2026 03:22:27 GMT
X-Content-Security-Policy-Report-Only
base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'nonce-yrdph72txO+K7eNrT1xiXRpO' 'nonce-2fmbY1fI7WdyGp/yhva9PhCs' 'nonce-+ljvcwn33JbdLyMkjfs7wFWM' 'nonce-W8Co+WL+C5NhxwxUXiCddMcf' 'nonce-i7yXjMPviEmHs79vn58HZJ7W' 'nonce-fAsU3aLKYc13u/qGDH1OOIQE' 'nonce-JNZVo5jmIrBhp3x2gsr+SRxP' 'nonce-1txZnFmSkYhkHMyoG1T9tz22' 'nonce-Qh2qhII/R/GV4tJzWojAFVGw' 'unsafe-inline' https: 'strict-dynamic'; report-uri https://sentry.infra-saas.b47ch.com/api/2/security/?sentry_key=749aa2cc255bbd72a0077daed55d38e2&sentry_environment=production
X-Webkit-Csp-Report-Only
base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'nonce-yrdph72txO+K7eNrT1xiXRpO' 'nonce-2fmbY1fI7WdyGp/yhva9PhCs' 'nonce-+ljvcwn33JbdLyMkjfs7wFWM' 'nonce-W8Co+WL+C5NhxwxUXiCddMcf' 'nonce-i7yXjMPviEmHs79vn58HZJ7W' 'nonce-fAsU3aLKYc13u/qGDH1OOIQE' 'nonce-JNZVo5jmIrBhp3x2gsr+SRxP' 'nonce-1txZnFmSkYhkHMyoG1T9tz22' 'nonce-Qh2qhII/R/GV4tJzWojAFVGw' 'unsafe-inline' https: 'strict-dynamic'; report-uri https://sentry.infra-saas.b47ch.com/api/2/security/?sentry_key=749aa2cc255bbd72a0077daed55d38e2&sentry_environment=production
date: Fri, 08 May 2026 03:22:27 GMT x-content-security-policy-report-only: base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'nonce-yrdph72txO+K7eNrT1xiXRpO' 'nonce-2fmbY1fI7WdyGp/yhva9PhCs' 'nonce-+ljvcwn33JbdLyMkjfs7wFWM' 'nonce-W8Co+WL+C5NhxwxUXiCddMcf' 'nonce-i7yXjMPviEmHs79vn58HZJ7W' 'nonce-fAsU3aLKYc13u/qGDH1OOIQE' 'nonce-JNZVo5jmIrBhp3x2gsr+SRxP' 'nonce-1txZnFmSkYhkHMyoG1T9tz22' 'nonce-Qh2qhII/R/GV4tJzWojAFVGw' 'unsafe-inline' https: 'strict-dynamic'; report-uri https://sentry.infra-saas.b47ch.com/api/2/security/?sentry_key=749aa2cc255bbd72a0077daed55d38e2&sentry_environment=production x-webkit-csp-report-only: base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'nonce-yrdph72txO+K7eNrT1xiXRpO' 'nonce-2fmbY1fI7WdyGp/yhva9PhCs' 'nonce-+ljvcwn33JbdLyMkjfs7wFWM' 'nonce-W8Co+WL+C5NhxwxUXiCddMcf' 'nonce-i7yXjMPviEmHs79vn58HZJ7W' 'nonce-fAsU3aLKYc13u/qGDH1OOIQE' 'nonce-JNZVo5jmIrBhp3x2gsr+SRxP' 'nonce-1txZnFmSkYhkHMyoG1T9tz22' 'nonce-Qh2qhII/R/GV4tJzWojAFVGw' 'unsafe-inline' https: 'strict-dynamic'; report-uri https://sentry.infra-saas.b47ch.com/api/2/security/?sentry_key=749aa2cc255bbd72a0077daed55d38e2&sentry_environment=production
Recommendations
Enable compression (gzip/brotli) to improve performance