HTTP Headers Analysis for https://hibob.com

Detected Technologies from Headers

See all in URL Inspect 3

Cloudflare NEL Monitoring

Cloudflare CDN

Kinsta

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=6; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

No caching headers found

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: __cf_bm=n213csrR5mFR5oKAB4XSssNmWnoIwy1.FXd6pS5f93k-1777390396.334387-1.0.1.1-.ejFnM_5yno.gze_yBxccLqqFiApwCxhHMS7.JnT6nwvFofCBFsk_2EtftJhWdkSui5qQpL0Xypbv333RDzOZCIahdYAdbCQbOkVmgK5PTp5fbZ6Epa4P8NPYK0L8yeB; HttpOnly; Secure; Path=/; Domain=www.hibob.com; Expires=Tue, 28 Apr 2026 16:03:16 GMT

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f371fd919ce3b6b-IAD

Date

Other

Tue, 28 Apr 2026 15:33:16 GMT

Ki-Cache-Type

Other

None

Ki-Cf-Cache-Status

Other

BYPASS

Ki-Edge

Other

v=27.1.0;mv=99.9.9

Ki-Edge-O2o

Other

yes

Ki-Origin

Other

g1p

Nel

Other

Report-To Group cf-nel max-age: 1w

success: 1.0%

Report-To

Other

Group cf-nel max-age: 1w

Endpoint 1 https://a.nel.cloudflare.com/report/v4?s=cKjrqrkEAshyxLJSeb9FB8p7UyZ8vcbekFi6u%2F%2BpMGmFBWHqbQ4oTTSf2GWQZlAa0trqMnkFGIbrzO%2BvR5MLvfcHzbFF4yqXBLHZ53Y9uc1T7vXgXBBNEDH69FXZlR8%3D

X-Edge-Location-Klb

Other

1

X-Kinsta-Cache

Other

HIT

cf-cache-status: DYNAMIC
cf-ray: 9f371fd919ce3b6b-IAD
date: Tue, 28 Apr 2026 15:33:16 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=27.1.0;mv=99.9.9
ki-edge-o2o: yes
ki-origin: g1p
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKjrqrkEAshyxLJSeb9FB8p7UyZ8vcbekFi6u%2F%2BpMGmFBWHqbQ4oTTSf2GWQZlAa0trqMnkFGIbrzO%2BvR5MLvfcHzbFF4yqXBLHZ53Y9uc1T7vXgXBBNEDH69FXZlR8%3D"}],"group":"cf-nel","max_age":604800}
x-edge-location-klb: 1
x-kinsta-cache: HIT

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching