Open
Cached
·
just now
39
Headers
Detected Technologies from Headers
Gravatar
Cloudflare NEL Monitoring
Google AdSense
Google Tag Manager
G2
Amplitude
Kinsta
XING
Reddit
HubSpot Forms
Cookiebot
Megaphone
Google DoubleClick
Google Analytics
Microsoft Advertising
Google Conversion Tracking
ClearBit
Cloudflare CDN
Greenhouse
Outbrain
Oktopost
Google API JS Client
Leadfeeder
Hotjar
LinkedIn
Contentsquare
Active incidents
HubSpot Analytics
Google Search
Demandbase
Facebook
Matomo
HubSpot
Microsoft Clarity
HubSpot Live Chat
Sentry
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
payment=(self), geolocation=(self), microphone=(self); +6 more
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Age
31409
Cache-Control
public, max-age=0, s-maxage=604800
Last-Modified
Thu, 28 May 2026 14:48:21 GMT
age: 31409 cache-control: public, max-age=0, s-maxage=604800 last-modified: Thu, 28 May 2026 14:48:21 GMT
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
Access-Control-Allow-Headers
Content-Type, Authorization, Content-Type, X-CSRF-TOKEN
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Access-Control-Allow-Origin
https://manager.sosafe.de
access-control-allow-headers: Content-Type, Authorization, Content-Type, X-CSRF-TOKEN access-control-allow-methods: GET,PUT,POST,DELETE access-control-allow-origin: https://manager.sosafe.de
Cookies Headers
Other Headers
Cf-Cache-Status
DYNAMIC
Cf-Ray
a0310e252c7fc9bc-IAD
Cross-Origin-Embedder-Policy-Report-Only
require-corp; report-to="default"
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="default"
Date
Thu, 28 May 2026 23:31:51 GMT
Feature-Policy
payment 'self'; geolocation 'self'; microphone 'self'; camera 'self'; display-capture 'self'; fullscreen 'self'
Ki-Cache-Tag
dab499d8-58dc-4173-96ff-dc16d831a990,3edd8a49c85b50725f7f8dcb59e608715dce0b59a7b8ac5f8e2b52a11ce48989
Ki-Cache-Type
Edge
Ki-Cf-Cache-Status
HIT
Ki-Edge
v=27.1.3;mv=99.9.9
Ki-Edge-O2o
yes
Ki-Origin
g1p
Nel
Report-To Group
cf-nel
max-age: 1w
success: 1.0%
Report-To
Strict-Dynamic
https: 'self'; default-src 'self'
X-Edge-Location-Klb
1
X-Kinsta-Cache
HIT
X-Permitted-Cross-Domain-Policies
none
cf-cache-status: DYNAMIC
cf-ray: a0310e252c7fc9bc-IAD
cross-origin-embedder-policy-report-only: require-corp; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
date: Thu, 28 May 2026 23:31:51 GMT
feature-policy: payment 'self'; geolocation 'self'; microphone 'self'; camera 'self'; display-capture 'self'; fullscreen 'self'
ki-cache-tag: dab499d8-58dc-4173-96ff-dc16d831a990,3edd8a49c85b50725f7f8dcb59e608715dce0b59a7b8ac5f8e2b52a11ce48989
ki-cache-type: Edge
ki-cf-cache-status: HIT
ki-edge: v=27.1.3;mv=99.9.9
ki-edge-o2o: yes
ki-origin: g1p
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb749SmF5wzEYe%2BsSDKflRQVTEPAmJZ8Tz8zOOV6s7Cr7OCMxLnzZyuOHiI9a1fP9siKU%2B6wZO0V2OKtem%2BFNhH3AFcN7xRDrGS7iCLlGJKwwJKQqCSLZ1ywpEAOBsnXfeMX2n2o"}],"group":"cf-nel","max_age":604800}
strict-dynamic: https: 'self'; default-src 'self'
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-permitted-cross-domain-policies: none
Recommendations
Enable compression (gzip/brotli) to improve performance