HTTP Headers Analysis for https://hao123.com

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Hostname Mismatch - certificate is issued for baidu.com, baifubao.com, www.baidu.cn, www.baidu.com.cn, mct.y.nuomi.com, apollo.auto, dwz.cn, *.baidu.com, *.baifubao.com, not for hao123.com

Open Cached · just now

22 Headers

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

accept-ranges: bytes
connection: close

Caching Headers

Age

Caching

63459

Etag

Caching

"09f2e95a16735a2d6161be333cd058d4"

Expires

Caching

Thu, 07 May 2026 01:41:58 GMT

Last-Modified

Caching

Mon, 30 Jan 2023 10:55:03 GMT

age: 63459
etag: "09f2e95a16735a2d6161be333cd058d4"
expires: Thu, 07 May 2026 01:41:58 GMT
last-modified: Mon, 30 Jan 2023 10:55:03 GMT

Content Headers

Content-Length

Content

Content-Md5

Content

CfLpWhZzWi1hYb4zPNBY1A==

Content-Type

Content

text/html

content-length: 89
content-md5: CfLpWhZzWi1hYb4zPNBY1A==
content-type: text/html

Server Headers

Server

JSP3/2.0.14

server: JSP3/2.0.14

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Mon, 04 May 2026 19:19:51 GMT

Ohc-Cache-Hit

Other

dg5ct89 [2], wzix89 [2]

Ohc-File-Size

Other

Ohc-Global-Saved-Time

Other

Mon, 04 May 2026 01:41:58 GMT

X-Bce-Content-Crc32

Other

3080234348

X-Bce-Content-Crc32c

Other

X-Bce-Debug-Id

Other

7uWNaTtH/D7cq13DTJPpZVES5OIYh9Pp3QUvXvUc8kgwdSicqHOcgUWDfLv/223uONQdscsWiaCc7fAtmG6Yyw==

X-Bce-Flow-Control-Type

Other

-1

X-Bce-Is-Transition

Other

false

X-Bce-Request-Id

Other

a1c77632-a7c5-4d68-86f8-15ab9d94c6ca

X-Bce-Storage-Class

Other

STANDARD

X-Cache-Status

Other

HIT

date: Mon, 04 May 2026 19:19:51 GMT
ohc-cache-hit: dg5ct89 [2], wzix89 [2]
ohc-file-size: 89
ohc-global-saved-time: Mon, 04 May 2026 01:41:58 GMT
x-bce-content-crc32: 3080234348
x-bce-content-crc32c: 0
x-bce-debug-id: 7uWNaTtH/D7cq13DTJPpZVES5OIYh9Pp3QUvXvUc8kgwdSicqHOcgUWDfLv/223uONQdscsWiaCc7fAtmG6Yyw==
x-bce-flow-control-type: -1
x-bce-is-transition: false
x-bce-request-id: a1c77632-a7c5-4d68-86f8-15ab9d94c6ca
x-bce-storage-class: STANDARD
x-cache-status: HIT

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching