HTTP Headers Analysis for https://gauthmath.com

Detected Technologies from Headers

See all in URL Inspect 17

Akamai

Bing

Facebook

Gauthmath

Google Analytics

Google Conversion Tracking

Google DoubleClick

Google Search

Google Static File Front End

Google Tag Manager

Microsoft Clarity

Nginx

TikTok

TikTok Analytics

YouTube

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

report-uri; report-to; upgrade-insecure-requests; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store

Expires

Caching

Tue, 28 Apr 2026 12:16:15 GMT

Pragma

Caching

no-cache

cache-control: max-age=0, no-cache, no-store
expires: Tue, 28 Apr 2026 12:16:15 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

nginx

X-Powered-By

Server

Goofy Node

server: nginx
x-powered-by: Goofy Node

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
app_region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_continent=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_subdivision=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_city=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
device_id=7633782832980837902; Domain=.gauthmath.com; Path=/; Expires=Mon, 27 Jul 2026 12:16:15 GMT
ttwid=1%7CaLt0PEQsIY0iULOgnS60b_r9IR9h2ZJ5BdV5zXBAB3s%7C1777378575%7C4ca21b94ba9edbbd9a3749f16065b506ff352d81ada7f5e762fbb3f22716f5bf; Domain=.gauthmath.com; Path=/; Expires=Mon, 27 Jul 2026 12:16:15 GMT

Other Headers

Date

Other

Tue, 28 Apr 2026 12:16:15 GMT

Reporting-Endpoints

Other

csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"

Server-Timing

Other

cdn-cache; desc=MISS, edge; dur=6, origin; dur=390, inner; dur=387,bd-edenx-server-loader-(region$)/layout; dur=1.000166, bd-edenx-server-loader-layout; dur=11.000156, bd-edenx-server-loader-(region$)/page; dur=220.999956, bd-edenx-server-loader;decs="SSR"; dur=223.00005, bd-edenx-ssr-render-html;decs="SSR"; dur=49.999952, bd-edenx-server-handle-request; dur=374.000072

X-Akamai-Request-Id

Other

b3293b9.ff05ee2

X-Bytefaas-Enable-Stream

Other

true

X-Bytefaas-Execution-Duration

Other

377.18

X-Bytefaas-Request-Id

Other

2026042812161582321B6872DAAB505D0D

X-Cache

Other

TCP_MISS from a23-55-100-68.deploy.akamaitechnologies.com (AkamaiGHost/22.4.5.1-9ac4f7794220c9cdbe74f55d0b8e8d0f) (-)

X-Cache-Remote

Other

TCP_MISS from a23-55-171-217.deploy.akamaitechnologies.com (AkamaiGHost/22.4.5.1-9ac4f7794220c9cdbe74f55d0b8e8d0f) (-)

X-Ggw-Config-Version

Other

429683

X-Gw-Dst-Psm

Other

ehi.fe.portal_web_ttp_gs

X-Modernjs-Render

Other

server

X-Origin-Response-Time

Other

390,23.55.171.217

X-Parent-Response-Time

Other

396,23.55.100.68

X-Processed-By

Other

Modern.js

X-Tt-Logid

Other

2026042812161582321B6872DAAB505D0D

X-Tt-Trace-Host

Other

0170985da73eda8df0321faa52f826bb1ee1572ee9ab95e783ffb0eef018793d409f369637d727865a7429d8ed461adb9264a3303b86e79732ac8392d12038efa089d89e964839c9c4b4faf3751b7839aa7f4a606e988e28168192cf0d67e7166ca5c9370add2a3f44c8a9238c1f5b95eb

X-Tt-Trace-Id

Other

00-26042812161582321B6872DAAB505D0D-4150139F6582A639-00

X-Tt-Trace-Tag

Other

id=16;cdn-cache=miss;type=dyn

date: Tue, 28 Apr 2026 12:16:15 GMT
reporting-endpoints: csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=390, inner; dur=387,bd-edenx-server-loader-(region$)/layout; dur=1.000166, bd-edenx-server-loader-layout; dur=11.000156, bd-edenx-server-loader-(region$)/page; dur=220.999956, bd-edenx-server-loader;decs="SSR"; dur=223.00005, bd-edenx-ssr-render-html;decs="SSR"; dur=49.999952, bd-edenx-server-handle-request; dur=374.000072
x-akamai-request-id: b3293b9.ff05ee2
x-bytefaas-enable-stream: true
x-bytefaas-execution-duration: 377.18
x-bytefaas-request-id: 2026042812161582321B6872DAAB505D0D
x-cache: TCP_MISS from a23-55-100-68.deploy.akamaitechnologies.com (AkamaiGHost/22.4.5.1-9ac4f7794220c9cdbe74f55d0b8e8d0f) (-)
x-cache-remote: TCP_MISS from a23-55-171-217.deploy.akamaitechnologies.com (AkamaiGHost/22.4.5.1-9ac4f7794220c9cdbe74f55d0b8e8d0f) (-)
x-ggw-config-version: 429683
x-gw-dst-psm: ehi.fe.portal_web_ttp_gs
x-modernjs-render: server
x-origin-response-time: 390,23.55.171.217
x-parent-response-time: 396,23.55.100.68
x-processed-by: Modern.js
x-tt-logid: 2026042812161582321B6872DAAB505D0D
x-tt-trace-host: 0170985da73eda8df0321faa52f826bb1ee1572ee9ab95e783ffb0eef018793d409f369637d727865a7429d8ed461adb9264a3303b86e79732ac8392d12038efa089d89e964839c9c4b4faf3751b7839aa7f4a606e988e28168192cf0d67e7166ca5c9370add2a3f44c8a9238c1f5b95eb
x-tt-trace-id: 00-26042812161582321B6872DAAB505D0D-4150139F6582A639-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology