30 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000; preload; includeSubDomains
Content-Security-Policy
Basic
default-src; script-src; style-src; +10 more Analyze
Content-Security-Policy-Report-Only
Good
default-src; script-src; style-src; +10 more Analyze
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
accelerometer=(self), attribution-reporting=(), autoplay=(); +44 more
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

Cache-Control
Caching
private, no-cache, no-store, must-revalidate
Expires
Caching
Sat, 01 Jan 2000 00:00:00 GMT
Pragma
Caching
no-cache

Content Headers

Content-Type
Content
text/html; charset="utf-8"

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Accept-Ch
Other
viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
Accept-Ch-Lifetime
Other
4838400
Alt-Svc
Other
h3=":443"; ma=86400
Cross-Origin-Embedder-Policy-Report-Only
Other
require-corp;report-to="coep_report"
Date
Other
Mon, 23 Feb 2026 15:44:42 GMT
Document-Policy
Other
force-load-at-top, include-js-call-stacks-in-crash-reports
Origin-Agent-Cluster
Other
?1
Origin-Trial
Other
ArDvqjFKr1fHThlSM8Kkp74sxlOCFTeqYJMXCGqCG/VJmcYlO/0UavmpqPDit2KppDf1THInNpwA36GmtgPOug8AAAB2eyJvcmlnaW4iOiJodHRwczovL3d3dy5pbnN0YWdyYW0uY29tOjQ0MyIsImZlYXR1cmUiOiJDcmFzaFJlcG9ydGluZ1N0b3JhZ2VBUEkiLCJleHBpcnkiOjE3NzY3Mjk2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
Report-To
Other
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown&brsid=7610087119441063890&comet_app_key=7&cpp=C3&cv=1033876605&st=1771861482400"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
Reporting-Endpoints
Other
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown&brsid=7610087119441063890&comet_app_key=7&cpp=C3&cv=1033876605&st=1771861482400", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
X-Fb-Connection-Quality
Other
EXCELLENT; q=0.9, rtt=22, rtx=0, c=13, mss=1368, tbw=3542, tp=-1, tpl=-1, uplat=86, ullat=0
X-Fb-Debug
Other
jGtvFHu3pidbxrXj5zU3OM0np0CET15OTQlzWd7DjaqNhzPwbssuqa2EwquPssuYfeukMX6ujutv1D59GH1fTQ==
X-Stack
Other
www

Recommendations

Enable compression (gzip/brotli) to improve performance