Open
Cached
·
just now
23
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
script-src; style-src; frame-src
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
microphone=(self)
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
3 headers
Cache-Control
Caching
no-cache,no-store
Expires
Caching
-1
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
.AspNetCore.Session=CfDJ8BdyIW7lZi5Fu47ra9QBwoUylVtJ2AhF%2F8%2BjiH0N8BzDhPhEiV8ww1a5qFcc4ORl2Z4JYfeva5Nysr3tZii561bqeiOkr0JyWbExxaqRf84mvzg13W6mbJ0IhwXMfAkniGLTFVHXJ2b4JStAu0ds%2B6BIhUzKuc3D3fGHgfnmtxN9; path=/; secure; samesite=lax; httponly
Other Headers
7 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9c15a6c56f03aeda-IAD
Date
Other
Wed, 21 Jan 2026 09:05:43 GMT
Feature-Policy
Other
accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Server-Timing
Other
cfEdge;dur=10,cfOrigin;dur=46
X-Permitted-Cross-Domain-Policies
Other
none
Recommendations
Enable compression (gzip/brotli) to improve performance