HTTP Headers Analysis for https://gitlab.gnome.org

Detected Technologies from Headers

See all in URL Inspect 2

OpenResty

Varnish

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31557600

Content-Security-Policy

Weak

Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

interest-cohort=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding

accept-ranges: bytes
connection: close
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

max-age=0, private, must-revalidate

Etag

Caching

W/"40880d9531591d9c16eae53f7b00b723"

cache-control: max-age=0, private, must-revalidate
etag: W/"40880d9531591d9c16eae53f7b00b723"

Content Headers

Content-Length

Content

17541

Content-Type

Content

text/html; charset=utf-8

content-length: 17541
content-type: text/html; charset=utf-8

Server Headers

Server

openresty

X-Runtime

Server

0.025067

server: openresty
x-runtime: 0.025067

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _gitlab_session=1dbfdaa0a797ed2a8c1af183066dfece; path=/; secure; HttpOnly; SameSite=None

Other Headers

Date

Other

Fri, 26 Jun 2026 00:41:24 GMT

Nel

Other

Report-To Group not specified max-age: 0s

Ratelimit-Limit

Other

107

Ratelimit-Name

Other

throttle_unauthenticated_web

Ratelimit-Observed

Other

3

Ratelimit-Remaining

Other

6397

Ratelimit-Reset

Other

1782435600

Via

Other

1.1 varnish

X-Cache

Other

MISS, MISS

X-Cache-Hits

Other

0, 0

X-Gitlab-Meta

Other

{"correlation_id":"01KW0NZMD9JAAHTBQ63CEF4V3J","version":"1"}

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

01KW0NZMD9JAAHTBQ63CEF4V3J

X-Served-By

Other

cache-iad-kiad7000144-IAD, cache-iad-kiad7000144-IAD

X-Timer

Other

S1782434484.452841,VS0,VE312

X-Ua-Compatible

Other

IE=edge

date: Fri, 26 Jun 2026 00:41:24 GMT
nel: {"max_age": 0}
ratelimit-limit: 107
ratelimit-name: throttle_unauthenticated_web
ratelimit-observed: 3
ratelimit-remaining: 6397
ratelimit-reset: 1782435600
via: 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-gitlab-meta: {"correlation_id":"01KW0NZMD9JAAHTBQ63CEF4V3J","version":"1"}
x-permitted-cross-domain-policies: none
x-request-id: 01KW0NZMD9JAAHTBQ63CEF4V3J
x-served-by: cache-iad-kiad7000144-IAD, cache-iad-kiad7000144-IAD
x-timer: S1782434484.452841,VS0,VE312
x-ua-compatible: IE=edge

Recommendations

Enable compression (gzip/brotli) to improve performance