Open
Cached
·
6h ago
15
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
5 headers
Cache-Control
Caching
max-age=35238
Etag
Caching
"29459aa39f8cadb6d8a127b7207fd02e"
Expires
Caching
Fri, 23 Jan 2026 12:48:44 GMT
Last-Modified
Caching
Fri, 23 Jan 2026 03:01:27 GMT
Pragma
Caching
public
Content Headers
2 headers
Content-Language
Content
de
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
Apache
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
PHPSESSID=j89ajsio4oki0bv3k9ns2r8t16; path=/
Other Headers
2 headers
Date
Other
Fri, 23 Jan 2026 03:01:26 GMT
Link
Other
</typo3temp/assets/compressed/merged-6d328f9b0ae621a3789d1de472c08b8e-78e2758a57f2aeccc49f6c0aee7bcaeb.css?1738659042>; rel=preload; as=style, </typo3temp/assets/compressed/merged-43937e3a9b11827686e3306597fe864c-55c11629f9247146b6a3351e5299b2ad.css?1701141457>; rel=preload; as=style, </typo3temp/assets/compressed/merged-b898113294358f57ce6277c36feb46c3-7e07dddc48cdeab9f66d272e4929ccc4.js?1738659047>; rel=preload; as=script
Recommendations
Enable compression (gzip/brotli) to improve performance