Open
Cached
·
just now
26
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
upgrade-insecure-requests; default-src; script-src; +9 more
upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=(), clipboard-read=(), unload=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close
Vary
Performance
Accept-Encoding,User-Agent
Caching Headers
3 headers
Age
Caching
0
Cache-Control
Caching
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
Etag
Caching
W/"hash6917928319590828308"
Content Headers
2 headers
Content-Length
Content
1136165
Content-Type
Content
text/html; charset=UTF-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
GU_geo_country=US; path=/; Secure
Other Headers
10 headers
Alt-Svc
Other
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Date
Other
Mon, 29 Dec 2025 20:49:00 GMT
Feature-Policy
Other
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
Link
Other
<https://assets-code.guim.co.uk/stylesheets/4ea17d95d9634148bc752ff8f571666f/facia.garnett.css>; rel=preload; as=style; nopush,<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6,es7,es2017,es2018,es2019,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry,URLSearchParams,fetch,NodeList.prototype.forEach,navigator.sendBeacon,performance.now,Promise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&clearCache=5>; rel=preload; as=script; nopush,<https://assets-code.guim.co.uk/javascripts/3eb93fd62c6aff3c0322/graun.standard.js>; rel=preload; as=script; nopush,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
Onion-Location
Other
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/us
X-Gu-Edition
Other
us
X-Gu-Frontend-Git-Commit-Id
Other
88695d2d1aa4f6c268f70cabcfd994ea5ac8076a
X-Gu-Server-Ab-Tests
Other
thefilter-product-element:control
X-Robots-Tag
Other
bingbot: noarchive
X-Timer
Other
S1767041339.144304,VS0,VS0,VS0,VE1422
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 1605ms