HTTP Headers Analysis for https://htb.com

Detected Technologies from Headers

See all in URL Inspect 4

Cloudflare NEL Monitoring

Cloudflare CDN

Kinsta

PHP

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

No caching headers found

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: PHPSESSID=9a55da3e551e50dcb9a313ec0e5243ca; path=/
__cf_bm=bHKmynmPEO.DtyABiDvXRmJM86_v1ZoG9QSn4vSKV9Y-1778375998-1.0.1.1-oG6kt8nmnNNL7lAA5fMW.LYxYzlNeODRt8yZ3L2m5W0793BUDUKrqjwtHwfQjN3rsmoghnZ.rgVA9W_QGK.v.47u7Y6Kq6A3EXjLHRWJKUs; path=/; expires=Sun, 10-May-26 01:49:58 GMT; domain=.htb.com; HttpOnly; Secure; SameSite=None

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f951e640db75008-IAD

Date

Other

Sun, 10 May 2026 01:19:58 GMT

Ki-Cache-Type

Other

None

Ki-Edge

Other

v=27.1.1;mv=99.9.9

Ki-Edge-O2o

Other

yes

Ki-Origin

Other

g1p

Nel

Other

Report-To Group cf-nel max-age: 1w

success: 1.0%

Report-To

Other

Group cf-nel max-age: 1w

Endpoint 1 https://a.nel.cloudflare.com/report/v4?s=ttPv%2FdMql1n%2FosR7YH0KmhblU89zEWEX61SAtFHnnKYlZA77RRC64LbTsrWeSQez6CHlOu%2B4sM4vgGLjz%2BNYtKGJwEedfOJ%2FrsRgYWmusnMGXsa2SLRYfHg%3D

Server-Timing

Other

cfCacheStatus;desc="DYNAMIC", cfEdge;dur=7,cfOrigin;dur=94

X-Edge-Location-Klb

Other

1

X-Kinsta-Cache

Other

HIT

X-Tec-Api-Origin

Other

https://htb.com

X-Tec-Api-Root

Other

https://htb.com/wp-json/tribe/events/v1/

X-Tec-Api-Version

Other

v1

cf-cache-status: DYNAMIC
cf-ray: 9f951e640db75008-IAD
date: Sun, 10 May 2026 01:19:58 GMT
ki-cache-type: None
ki-edge: v=27.1.1;mv=99.9.9
ki-edge-o2o: yes
ki-origin: g1p
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttPv%2FdMql1n%2FosR7YH0KmhblU89zEWEX61SAtFHnnKYlZA77RRC64LbTsrWeSQez6CHlOu%2B4sM4vgGLjz%2BNYtKGJwEedfOJ%2FrsRgYWmusnMGXsa2SLRYfHg%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfCacheStatus;desc="DYNAMIC", cfEdge;dur=7,cfOrigin;dur=94
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-tec-api-origin: https://htb.com
x-tec-api-root: https://htb.com/wp-json/tribe/events/v1/
x-tec-api-version: v1

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching