Open
Cached
·
just now
23
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), ambient-light-sensor=(), battery=(); +4 more
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Significantly strengthen CSP directives
Performance Headers
Connection
close
Vary
Accept-Encoding, host
connection: close vary: Accept-Encoding, host
Caching Headers
Cache-Control
public, stale-while-revalidate=900, max-age=900
Etag
"h5wb3Slo6psM"
Expires
Mon, 27 Apr 2026 20:57:00 GMT
Last-Modified
Mon, 27 Apr 2026 20:39:00 GMT
cache-control: public, stale-while-revalidate=900, max-age=900 etag: "h5wb3Slo6psM" expires: Mon, 27 Apr 2026 20:57:00 GMT last-modified: Mon, 27 Apr 2026 20:39:00 GMT
Content Headers
Content-Length
62225
Content-Type
text/html; charset=utf-8
content-length: 62225 content-type: text/html; charset=utf-8
Server Headers
No server headers found
CORS Headers
Access-Control-Allow-Origin
*
access-control-allow-origin: *
Cookies Headers
Other Headers
Date
Mon, 27 Apr 2026 20:40:09 GMT
Reporting-Endpoints
csp-endpoint="https://csp.microsoft.com/report/AzurePortal"
Timing-Allow-Origin
*
X-Ms-Content-Source
DiskPersistentContentCache
X-Ms-Version
17.287.0.1
date: Mon, 27 Apr 2026 20:40:09 GMT reporting-endpoints: csp-endpoint="https://csp.microsoft.com/report/AzurePortal" timing-allow-origin: * x-ms-content-source: DiskPersistentContentCache x-ms-version: 17.287.0.1
Recommendations
Enable compression (gzip/brotli) to improve performance