HTTP Headers Analysis for https://marianstepak.com

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Basic

base-uri; object-src; report-uri; +3 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

none

Transfer-Encoding

Performance

chunked

Vary

Performance

Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding

Caching Headers

3 headers

Cache-Control

Caching

no-cache, no-store, max-age=0, must-revalidate

Expires

Caching

Mon, 01 Jan 1990 00:00:00 GMT

Pragma

Caching

no-cache

Content Headers

1 headers

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

ESF

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

3 headers

Date

Other

Fri, 14 Nov 2025 12:09:08 GMT

Document-Policy

Other

include-js-call-stacks-in-crash-reports

Reporting-Endpoints

Other

default="/web-reports?jobset=prod&wcrumsspbp=false&bl=editors.sites-viewer-frontend_20251110.02_p0&app=25&clss=1&context=eJwNz3lQlAUABfDPb7_vYSgCi8iCyrEoQSgijanABsvCQlhmmu2GTZCwKoJggHgnDOKZjVYWaogiBLLihSWO2ODRDNpYXmnUerKici2QyKFB74_fzHvvv2d_wKFkuEGoHmEQ5ow2CB-S806D4EODRQZh1B6DIJUahNGkOWkQDPcNwmK62GYQbtKn7kYhg56PNwqSp1FYMcEoFFJyjFHIppW0mUID7wiDhEl3BE-KeNQtxlJwXo84g2z5PWIvrU7rFfPpcnifeJ3qNH3iJXph6hMHqWJbn3iMFl7pF5dSsnJATKMMYUjMpb5xQ6Iwfkh8vmpIfEVvzlMowigiX6GIpbmPFYoEWmULlfJoSk-YNJ3EonDJns4cCZfOU9wMjTSHcgyR0jqqHaeV6qkrXiv1U0G7VtpO_6yNkpqo1hwl1ZOmOkqKod3LdVIxJefqpDQSj-skezp8UiedoJk_6yQtZfhES7nUGxgjDdGMpTFSJE38PEaaTBubY6QvyThNLyXR5Z_0UiN9-1WsVEaVVEtFaXHSAWpSviO1ksUuXrLSynkl8ga6bi6RH9Jfp0vkB3T93wNyI0WNLZXjyfv9UtmfPrMcklNpve2QXEhnl5TJF6kqvUw-SVeayuQbpDpRLnuT3doK2ZEcCitkV3L3qpR9yP_jSjmY5rZUyQl0eLZZPkEPU8zyMzpXaZZ_pemB1XIEXa-vlhspK_movIZalh2Vu2lvdYtcSg0NrfI1Mka0yUm04EKbnEx_Gtvlu-S4r112I8XjkRhBxx0dUEt-tQ4IojuXRuE-5YY44gt6r8QR86m53AkdZH7qjBpa0uKM5WQXrIQjDVO74DWqme6CsxQ5wwVxFHJ3NELpySZX2GhD6RhsptctYzCFfkh2QxnZp7tBSQMZzJlu2Oqtwi5aPE2FZyYVuuhUtQp11HdZBeGKCusOumMj3Sp1h4VWbvPABhqweUDs9EBxrwfKybpzLNpot3Yc9tKC-HFIovtmTzT87Ymr1GTxxFPyt3kimOZ3eSKB6hZ44cwiL_xCLae80E2z7Lwxj2qme_OrN1pTvdFR640XtPaQDwoo2uaDdyl9iho59FasGmHkukKN8fSyUA3FJjXSDqiRTeeuqnGBRv6uhjP10ivS_6HGLKqkatoxqMZuKp3qiyr6L9wXssYXxyN8UUttqb54Tp2rfdFDCbd8sZD8jk5AECUem4DFFG_ww1xqMvqhlXplfwxRt4M_Bujefn800e1mZqp1DEA9WZ0D0EaNLgF4SC9HB0DhGoDvb4eigm4IYfjNHIab1O8UjkEyzw5HDQ0JGtgN0yBshAazaPl3Gqwiy9dvw0omRQSWkv3ECCjJMikSVqrXReIa-V6KRCAt02mxghqLtMhv0WIrFbjrsJ126XXYQ2NMOqioK12HfnLKZyebIhpD5PBJNFzpXkc0mun58Ri8IpdkPVR0cL0ei_P0yKT9FXr8SDMb9NBSe04sekh9JBZvUHd1LAbom6A47KMz9-Nwng51xOHetkdopsSnj5BCyg-s8KC8RCu2kH2_FUrKymvGGmpxe4Juqmp7AmPGUyRR8d0WlNPe0FY82dEKv9MdUG6xwaXUhpzMTlQVdKL9QSeUI4dbT1sa4HStrr9Y4SF9lGpaqZ5kSknNyczKDspOzTFlT87lZsqavCgrMyPHlJGSGBIcMm3q1KnBQcEhicuD_weh324W&build-label=editors.sites-viewer-frontend_20251110.02_p0&imp-sid=CMrKg-vN8ZADFQ5IqwIdP30Xlg&is-cached-offline=false"

Recommendations

Enable compression (gzip/brotli) to improve performance