HTTP Headers Analysis for https://my.gauthmath.com

Detected Technologies from Headers

See all in URL Inspect 17

Akamai

Bing

Facebook

Gauthmath

Google Analytics

Google Conversion Tracking

Google DoubleClick

Google Search

Google Static File Front End

Google Tag Manager

Microsoft Clarity

Nginx

TikTok

TikTok Analytics

YouTube

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

report-uri; report-to; upgrade-insecure-requests; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store

Expires

Caching

Wed, 06 May 2026 12:24:31 GMT

Pragma

Caching

no-cache

cache-control: max-age=0, no-cache, no-store
expires: Wed, 06 May 2026 12:24:31 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

nginx

X-Powered-By

Server

Goofy Node

server: nginx
x-powered-by: Goofy Node

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
app_region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_continent=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_subdivision=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_city=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
device_id=7636753642879763982; Domain=.gauthmath.com; Path=/; Expires=Tue, 04 Aug 2026 12:24:30 GMT
ttwid=1%7CtxsLT2FjgMGar10_GvYyaxb_f1IUmm6ACeVFIFOCuek%7C1778070270%7C8bfe80165f3876f8b4acb2e853fe3a199d18ada5cbe968dd7ac76daab663526b; Domain=.gauthmath.com; Path=/; Expires=Tue, 04 Aug 2026 12:24:30 GMT

Other Headers

Date

Other

Wed, 06 May 2026 12:24:31 GMT

Reporting-Endpoints

Other

csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"

Server-Timing

Other

inner; dur=1112,bd-edenx-server-loader-(region$)/layout; dur=0, bd-edenx-server-loader-layout; dur=13.999939, bd-edenx-server-loader-(region$)/page; dur=497.999907, bd-edenx-server-loader;decs="SSR"; dur=502.999783, bd-edenx-ssr-render-html;decs="SSR"; dur=75.000048, bd-edenx-server-handle-request; dur=923.999786, cdn-cache; desc=MISS, edge; dur=2, origin; dur=1116

X-Akamai-Request-Id

Other

713d0606

X-Bytefaas-Enable-Stream

Other

true

X-Bytefaas-Execution-Duration

Other

1103.40

X-Bytefaas-Request-Id

Other

20260506122430F60C7B755F3ED8624302

X-Cache

Other

TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0.1-8a6cb9ae5b7c562eeba48faa6e795939) (-)

X-Ggw-Config-Version

Other

433090

X-Gw-Dst-Psm

Other

ehi.fe.portal_web_ttp_gs

X-Modernjs-Render

Other

server

X-Origin-Response-Time

Other

1116,23.220.104.79

X-Processed-By

Other

Modern.js

X-Tt-Logid

Other

20260506122430F60C7B755F3ED8624302

X-Tt-Trace-Host

Other

0149b0725a1c465de28256e9cce0fbd8a38ef4963fd94d8a0ddc31e9ddd35baf2235d8830e73678bc2b4d86ff88aaf049d5c6273082fc0641ee523f4f616292b29b88d568b07fef417986f677bf6b48763f53ca7e32308680634cae290160b32fa

X-Tt-Trace-Id

Other

00-260506122430F60C7B755F3ED8624302-2502A9154A064093-00

X-Tt-Trace-Tag

Other

id=16;cdn-cache=hit;type=dyn

date: Wed, 06 May 2026 12:24:31 GMT
reporting-endpoints: csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"
server-timing: inner; dur=1112,bd-edenx-server-loader-(region$)/layout; dur=0, bd-edenx-server-loader-layout; dur=13.999939, bd-edenx-server-loader-(region$)/page; dur=497.999907, bd-edenx-server-loader;decs="SSR"; dur=502.999783, bd-edenx-ssr-render-html;decs="SSR"; dur=75.000048, bd-edenx-server-handle-request; dur=923.999786, cdn-cache; desc=MISS, edge; dur=2, origin; dur=1116
x-akamai-request-id: 713d0606
x-bytefaas-enable-stream: true
x-bytefaas-execution-duration: 1103.40
x-bytefaas-request-id: 20260506122430F60C7B755F3ED8624302
x-cache: TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0.1-8a6cb9ae5b7c562eeba48faa6e795939) (-)
x-ggw-config-version: 433090
x-gw-dst-psm: ehi.fe.portal_web_ttp_gs
x-modernjs-render: server
x-origin-response-time: 1116,23.220.104.79
x-processed-by: Modern.js
x-tt-logid: 20260506122430F60C7B755F3ED8624302
x-tt-trace-host: 0149b0725a1c465de28256e9cce0fbd8a38ef4963fd94d8a0ddc31e9ddd35baf2235d8830e73678bc2b4d86ff88aaf049d5c6273082fc0641ee523f4f616292b29b88d568b07fef417986f677bf6b48763f53ca7e32308680634cae290160b32fa
x-tt-trace-id: 00-260506122430F60C7B755F3ED8624302-2502A9154A064093-00
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology