Open
Cached
·
just now
24
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15780000;
Content-Security-Policy
Basic
default-src; font-src
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), usb=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
3 headers
Cache-Control
Caching
private, must-revalidate
Expires
Caching
-1
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
logout_redirect_url=eyJpdiI6InB4ZlUrWFA5MFVURExIT0RqdXd2Y1E9PSIsInZhbHVlIjoiZjd1V3Y2ekpQY01tOEJzYVVGQWkxM2pJeXBXRkVGRFZcL0kramZpUDZOM2ZSTnYyK1FsWmdRYUd1dERSZkxYRzgiLCJtYWMiOiIxNWM4YTg5ODExMjk1NzVlMzg5MDJhOGY4OTJkN2I3ZjM1MWE1NmEzOWE3YTIzYzA2NjU3YmNhM2MxYzliN2Q3In0%3D; expires=Thu, 14-Jan-2021 15:48:33 GMT; Max-Age=0; path=/;samesite=none; secure; httponly
Other Headers
8 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9bd609dbcae17071-IAD
Date
Other
Tue, 13 Jan 2026 15:48:33 GMT
X-Container-Platform
Other
yes
X-Content-Security-Policy
Other
default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
X-Nc-Id
Other
1FJEJ3767O7JR62HTI7
X-Server-Version
Other
6.80a8fab4
Recommendations
Enable compression (gzip/brotli) to improve performance