Open
Cached
·
just now
16
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload;
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
connection: close
Caching Headers
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0 expires: Thu, 01 Jan 1970 00:00:00 GMT pragma: no-cache
Content Headers
Content-Length
32931
Content-Type
text/html;charset=UTF-8
content-length: 32931 content-type: text/html;charset=UTF-8
Server Headers
No server headers found
CORS Headers
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT access-control-allow-origin: * access-control-max-age: 3628800
Cookies Headers
Other Headers
Date
Tue, 12 May 2026 02:10:11 GMT
X-Magnolia-Registration
Registered
date: Tue, 12 May 2026 02:10:11 GMT x-magnolia-registration: Registered
Recommendations
Enable compression (gzip/brotli) to improve performance