DNS Gurus

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Hostname Mismatch - certificate is issued for *.cloudinary.com, *.cloudinary.us, not for hff.de.multicdn.cloudinary.com

Cached · just now
15 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=604800
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges
Performance
bytes

Caching Headers

Cache-Control
Caching
private, no-transform, max-age=0, no-cache
Pragma
Caching
no-cache

Content Headers

Content-Disposition
Content
inline
Content-Length
Content
0
Content-Type
Content
image/gif

Server Headers

Server
Server
Cloudinary

CORS Headers

Access-Control-Allow-Origin
Cors
*
Access-Control-Expose-Headers
Cors
Content-Length,Content-Disposition,Server-Timing,X-Cld-Error

Cookies Headers

No cookies headers found

Other Headers

Content-Transfer-Encoding
Other
binary
Date
Other
Wed, 18 Feb 2026 11:54:48 GMT
Server-Timing
Other
cld-fastly;mitm=p;dur=0;start=2026-02-18T11:54:48.000Z;desc=hit,rtt;dur=7
Timing-Allow-Origin
Other
*
X-Cld-Error
Other
Resource not found

Recommendations

Enable compression (gzip/brotli) to improve performance