HTTP Headers Analysis for https://formularios.divipago.com

Detected Technologies from Headers

See all in URL Inspect 25

Amazon CloudFront

YouTube

AMP Buzzsprout Captivate

Checkhq

Cloudflare CDNJS

GitHub

Google API JS Client

Google Search

Google Static File Front End

jQuery

jsDelivr ManageEngine

Navattic ScoreApp

SoundCloud

Spotify

Twitter

Vimeo

Wistia

Zapier

Zoho Mail

Zoho Sites

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=64072000; includeSubDomains; preload

Content-Security-Policy

Basic

script-src; connect-src; frame-src Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Cache-Control

Caching

max-age=31536000, no-cache

Etag

Caching

"6981bdf9-ce2c"

Expires

Caching

Tue, 16 Feb 2027 20:28:49 GMT

Last-Modified

Caching

Tue, 03 Feb 2026 09:20:57 GMT

cache-control: max-age=31536000, no-cache
etag: "6981bdf9-ce2c"
expires: Tue, 16 Feb 2027 20:28:49 GMT
last-modified: Tue, 03 Feb 2026 09:20:57 GMT

Content Headers

Content-Length

Content

52780

Content-Type

Content

text/html

content-length: 52780
content-type: text/html

Server Headers

Server

ZGS

server: ZGS

CORS Headers

Access-Control-Allow-Origin

Cors

*

access-control-allow-origin: *

Cookies Headers

Set-Cookie

Cookies

set-cookie: zip=204.93.227.90|US|united_states|Illinois|chicago|america|hosting; Secure; SameSite=Strict; Path=/; Expires=Tue, 17-Feb-26 20:28:49 GMT

Other Headers

Date

Other

Mon, 16 Feb 2026 20:28:49 GMT

X-Served-By

Other

US-DC

date: Mon, 16 Feb 2026 20:28:49 GMT
x-served-by: US-DC

Recommendations

Enable compression (gzip/brotli) to improve performance