HTTP Headers Analysis for https://new-sentry.gitlab.net

Detected Technologies from Headers

See all in URL Inspect 3

Cloudflare NEL Monitoring

Algolia

Cloudflare CDN

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Good

object-src; style-src; frame-ancestors; +8 more Analyze

X-Frame-Options

Excellent

deny

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Accept-Language, Cookie

connection: close
vary: Accept-Language, Cookie

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store, must-revalidate, private

Expires

Caching

Tue, 07 Apr 2026 08:48:09 GMT

cache-control: max-age=0, no-cache, no-store, must-revalidate, private
expires: Tue, 07 Apr 2026 08:48:09 GMT

Content Headers

Content-Language

Content

en

Content-Length

Content

9564

Content-Type

Content

text/html

content-language: en
content-length: 9564
content-type: text/html

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: sc=z74PQbYx3lFF4WL4EaZRyMBAI62SK5JN; expires=Tue, 06 Apr 2027 08:48:09 GMT; Max-Age=31449600; Path=/; SameSite=Lax
sentrysid=eyJ0ZXN0Y29va2llIjoid29ya2VkIn0:1wA26T:vDVjlQOcAKtVTj03wX6HFltxFfDJb_NZSezyC2935Ms; expires=Tue, 21 Apr 2026 08:48:09 GMT; HttpOnly; Max-Age=1209600; Path=/
__cf_bm=PeKaMG8uLITSw7w6_WfiTOJeqrZFlnCKFNgPE60aJu8-1775551689-1.0.1.1-P59.Cvjq.3LkMeYC2A3IoXQMZqIbjuemRQQJ93sE_dyVm3Ds8AWdBuNL5kUmNcI7x_4Shw3Os.s0_lCTg5sK0QhAhudUwf_NgoAwj3COr84; path=/; expires=Tue, 07-Apr-26 09:18:09 GMT; domain=.gitlab.net; HttpOnly; Secure; SameSite=None
_cfuvid=gM0vIMSjAjgR0q5R2jxLJ4b6p0JmOFxaIXUdz2K18Ig-1775551689870-0.0.1.1-604800000; path=/; domain=.gitlab.net; HttpOnly; Secure; SameSite=None

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9e87c58c990a310c-IAD

Date

Other

Tue, 07 Apr 2026 08:48:09 GMT

Nel

Other

Report-To Group cf-nel max-age: 1w

success: 1.0%

Report-To

Other

Group cf-nel max-age: 1w

Endpoint 1 https://a.nel.cloudflare.com/report/v4?s=y7iT2ZiVH%2FsWoIwDvNrBC5BUfoJOfP7ch0I2iRvuuUJcLwj3V38FUxLFUGUUgEu69tMg09Luz%2F%2Ftds3iHWAkgljRrmdz%2FudCNmQJqkjKyuNueUYZPgjbNsRhKk7blPbeY2vKIk%2FChA%3D%3D

cf-cache-status: DYNAMIC
cf-ray: 9e87c58c990a310c-IAD
date: Tue, 07 Apr 2026 08:48:09 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7iT2ZiVH%2FsWoIwDvNrBC5BUfoJOfP7ch0I2iRvuuUJcLwj3V38FUxLFUGUUgEu69tMg09Luz%2F%2Ftds3iHWAkgljRrmdz%2FudCNmQJqkjKyuNueUYZPgjbNsRhKk7blPbeY2vKIk%2FChA%3D%3D"}],"group":"cf-nel","max_age":604800}

Recommendations

Enable compression (gzip/brotli) to improve performance