HTTP Headers Analysis for https://identicons.github.com

Detected Technologies from Headers

See all in URL Inspect 4

GitHub

Amazon S3

Azure Blob Storage GitHub Copilot

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000; includeSubdomains; preload

Content-Security-Policy

Good

default-src; base-uri; child-src; +12 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

deny

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin-when-cross-origin, strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With

connection: close
transfer-encoding: chunked
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With

Caching Headers

Cache-Control

Caching

no-cache

cache-control: no-cache

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

github.com

server: github.com

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _gh_sess=KaoDCzJm4EjGanykK18MFkyBtdRJRO6B4MR%2FSaSuwN4DS6hYiVrZwNZihfPHWUdWtd8i2mTv6MKRVYCNdmjR%2BMDH6rqPmBJFPuM1MJv6LyYBST1UKuvAkXKM64CISXpgNgUAUorunP2HsX17pnVSaGs7%2BfnZ0V1406qpeYeNiGqNKaH2rDcwL4AHOv067aLtkIQW%2Bp2VVKMT%2Bs2oHXd%2FbIWJN25vtHvDegwJowJHg9z5v7vPfx9QB6o4wgopm75bpstZWYlyHjkwVtE5eeZiRQ%3D%3D--LSkFe8R6%2FChemGAy--y%2BCDb%2FMXd56Cbzclo%2FUhIw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
_octo=GH1.1.1790958954.1771634873; Path=/; Domain=github.com; Expires=Sun, 21 Feb 2027 00:47:53 GMT; Secure; SameSite=Lax
logged_in=no; Path=/; Domain=github.com; Expires=Sun, 21 Feb 2027 00:47:53 GMT; HttpOnly; Secure; SameSite=Lax

Other Headers

Date

Other

Sat, 21 Feb 2026 00:47:53 GMT

X-Github-Request-Id

Other

B04A:364714:F055:11E81:699900B9

date: Sat, 21 Feb 2026 00:47:53 GMT
x-github-request-id: B04A:364714:F055:11E81:699900B9

Recommendations

Enable compression (gzip/brotli) to improve performance