HTTP Headers Analysis for https://id.wilson.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains; preload

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Caching Headers

2 headers

Age

Caching

5

Cache-Control

Caching

private, max-age=0, no-cache, no-store

Content Headers

3 headers

Content-Language

Content

en-ID

Content-Length

Content

312730

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

cloudflare

CORS Headers

0 headers

No CORS headers found

Cookies Headers

1 headers

Set-Cookie

Cookies

_cfuvid=E6R_pdkWYi5gRO6ZEis5D50l0eCuhiHxxmItm17CCfw-1765444296228-0.0.1.1-604800000; path=/; domain=.id.wilson.com; HttpOnly; Secure; SameSite=None

Other Headers

18 headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

HIT

Cf-Ray

Other

9ac3db0309c8c56a-IAD

Cf-Worker-Cache-Key

Other

https://id.wilson.com/?key=NON_COOKIES:PRIMARY_COUNTRY:NON_QUERY

Cf-Worker-Cache-Resource

Other

LOCAL

Cf-Worker-Cached-At

Other

1765435213980

Date

Other

Thu, 11 Dec 2025 09:11:36 GMT

Link

Other

<https://cdn.myshopline.com>; rel="preconnect", <https://cdn-theme.myshopline.com>; rel="preconnect", <https://img.myshopline.com>; rel="preconnect", <https://img-va.myshopline.com>; rel="preconnect", </cdn/shop/prod/app-extension/01405986-ae6f-4fcc-adaa-2a21f14efc9f/1761213696274/assets/vendor/global.min.css>; rel="preload"; as="style", </cdn/shop/prod/app-extension/01405986-ae6f-4fcc-adaa-2a21f14efc9f/1761213696274/assets/back-to-top/index.min.css>; rel="preload"; as="style", </cdn/shop/prod/app-extension/01405986-ae6f-4fcc-adaa-2a21f14efc9f/1761213696274/assets/featured-carousel/index.min.css>; rel="preload"; as="style", </cdn/shop/prod/2405029587/1724049484189/66f3f35d2e1f7e5732c228cb/1737538988194/assets/base.css>; rel="preload"; as="style", </cdn/shop/prev/32ce041007058889bd9ccb8b22ade877/1723617834268/assets/section-announcement-bar.css>; rel="preload"; as="style", </cdn/shop/prev/32ce041007058889bd9ccb8b22ade877/1723617834268/assets/lib-splide.min.css>; rel="preload"; as="style", </cdn/shop/prod/2405029587/1722911146473/66bf04de386fac37e1a3fbc7/1724663312216/assets/section-header.css>; rel="preload"; as="style"

Nel

Other

{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}

Report-To

Other

{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2h%2F4%2FIusdmJjGmGwhF6Naq5aLhoW9sgQv7cMLBgKe9r2VGEQc7l%2Fl7FZXcoAsEnOafpwZbHT8upJcqvEhOWHkwh5JC3m0GbvKGP9hJ02PKr79v0r6EKjavTc8U2nu34%3D"}],"group":"cf-nel","max_age":604800}

X-Download-Options

Other

noopen

X-Le-Render-Mode

Other

stream-like

X-Le-Theme

Other

Charm

X-Le-Theme-Id

Other

683fef561aec083933dff559

X-Le-Theme-Version

Other

1.3.49

X-Readtime

Other

521

X-Response-Id

Other

835147bde273366b57970d2d9e52d902

X-Response-Time

Other

521

Recommendations

Enable compression (gzip/brotli) to improve performance