Open
Cached
·
just now
17
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=63072000; includeSubdomains;
Content-Security-Policy
Basic
default-src; connect-src; img-src; +7 more
default-src 'none'; connect-src 'self'; img-src 'self' 'unsafe-inline' data: ; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-ancestors 'self'; font-src 'self' data: ;script-src 'self' 'unsafe-inline' 'unsafe-eval';object-src 'self';frame-src 'self' https://*.sonicwall.com/
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Present
xr-spatial-tracking=(), wake-lock=(), screen-wake-lock=(), usb=(), sync-xhr=(self), speaker=(), publickey-credentials-get=(), picture-in-picture=(), payment=(), midi=(), microphone=(), magnetometer=(), gyroscope=(), geolocation=(), fullscreen=(self), execution-while-out-of-viewport=(self), execution-while-not-rendered=(self), encrypted-media=(self), document-domain=(self), display-capture=(self), camera=(), battery=(), autoplay=(), ambient-light-sensor=(), accelerometer=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
2 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close
Caching Headers
3 headers
Cache-Control
Caching
private
Etag
Caching
W/"96-1732550870000"
Last-Modified
Caching
Mon, 25 Nov 2024 16:07:50 GMT
Content Headers
2 headers
Content-Length
Content
96
Content-Type
Content
text/html
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
3 headers
Date
Other
Thu, 27 Nov 2025 19:03:08 GMT
Feature-Policy
Other
xr-spatial-tracking 'none'; wake-lock 'none'; screen-wake-lock 'none'; usb 'none'; sync-xhr 'self'; speaker 'none'; publickey-credentials-get 'none'; picture-in-picture 'none'; payment 'none'; midi 'none'; microphone 'none'; magnetometer 'none'; gyroscope 'none'; geolocation 'none'; fullscreen 'self'; execution-while-out-of-viewport 'self'; execution-while-not-rendered 'self'; encrypted-media 'self'; document-domain 'self'; display-capture 'self'; camera 'none'; battery 'none'; autoplay 'none'; ambient-light-sensor 'none'; accelerometer 'none';
X-Permitted-Cross-Domain-Policies
Other
none
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 643ms