Open
Cached
·
just now
10
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
ch-ua=*, ch-ua-arch=*, ch-ua-bitness=*; +7 more
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
Performance Headers
Connection
close
connection: close
Caching Headers
No caching headers found
Content Headers
Content-Length
1561
Content-Type
text/html; charset=UTF-8
content-length: 1561 content-type: text/html; charset=UTF-8
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Accept-Ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="gfe-sandbox"
Date
Wed, 08 Apr 2026 12:53:17 GMT
Report-To
Group
gfe-sandbox
max-age: 4w
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-sandbox"
date: Wed, 08 Apr 2026 12:53:17 GMT
report-to: {"group":"gfe-sandbox","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/sandbox"}]}
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching