HTTP Headers Analysis for https://linkwi.se

Detected Technologies from Headers

See all in URL Inspect 1

Nginx

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

interest-cohort=()

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

private, must-revalidate

Etag

Caching

"72a6cee7ff76a2675b8e2412643d2bc9"

Expires

Caching

-1

Pragma

Caching

no-cache

cache-control: private, must-revalidate
etag: "72a6cee7ff76a2675b8e2412643d2bc9"
expires: -1
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

nginx

X-Powered-By

Server

Statamic

server: nginx
x-powered-by: Statamic

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: XSRF-TOKEN=eyJpdiI6InptNlJ0YXV4QW1lZ0gxcHVoN2FvTnc9PSIsInZhbHVlIjoiTytabDB4eDNNK29CdTg5QklHQWNQTExwM2pweFVQMGYrY0xuTm9iWEVrQ1E1S1RsTi9hWXJPQ2s3SVJvUW5kQlh2N1ZDVVZWa2YxSXhsVGExaGlWWEJUTHRKR3dJZGErV1dWY2JEL3A3NUgzbXI1YXNRWVRqNEdUSy9ndlZKNDEiLCJtYWMiOiJlZTQ0YzhiNThlZWNlOTY2MTQ2YTY5YzhjZmExZjk3YjFjZDBkMjUzNjFlOTBlMmM2OTEyZDJmZWNjMGRjOGM2IiwidGFnIjoiIn0%3D; expires=Fri, 08 May 2026 01:59:00 GMT; Max-Age=7200; path=/; secure; samesite=lax
linkwise_session=eyJpdiI6InhYQnhidEZyZ3dTUW9YZHArYjVzUnc9PSIsInZhbHVlIjoiNlhQSXRRTm5uS2NSNGx5RG91RlhFZ3kxaTYvQXkrejUyYnlXNEtDbFpEMk5aWE1iek1OR0RzR21KclJyd3R3dFBWbmxod3hUb3dTcFN6dkxzWlo0dFo5MU9xcGdUaHRBdUY4L2lTOEhPUkdCZHYyd1JicWFXWE96bm4zTDFlRSsiLCJtYWMiOiIzYzkyOTllNTgyZjM2OGY3NjVjMWVhNDMwY2ZhOGNiNTNkMTE2OWYzN2EwMTEwNWViOGZjYTQzNjA1MWUzNGI0IiwidGFnIjoiIn0%3D; expires=Fri, 08 May 2026 01:59:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax

Other Headers

Date

Other

Thu, 07 May 2026 23:59:00 GMT

date: Thu, 07 May 2026 23:59:00 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology