Open
Cached
·
just now
14
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Strong
default-src; object-src; frame-ancestors; +4 more
default-src 'self' https://www.pwc.co.uk https://hub.pwc.cz https://akce.pwc.cz https://blog.pwc.cz https://fonts.googleapis.com https://fonts.gstatic.com https://region1.google-analytics.com https://cke4.ckeditor.com https://cdn.ckeditor.com https://code.jquery.com https://cdnjs.cloudflare.com https://pwceur.sharepoint.com https://polpwc.sharepoint.com;object-src 'none'; frame-ancestors 'self' https://polpwc.sharepoint.com;form-action 'self'; frame-src 'self' https://login-stg.pwc.com https://login-stg.pwcinternal.com https://login.pwc.com https://www.youtube.com https://www.soundcloud.com https://w.soundcloud.com https://pwceur.sharepoint.com https://polpwc.sharepoint.com https://docs.google.com; style-src 'self' https://fonts.googleapis.com https://cdn.ckeditor.com https://code.jquery.com https://cdnjs.cloudflare.com 'nonce-hjXeC58QFhaLnvVcwZVTHeN9jgmefU1714PjSucRKkU='; script-src 'self' https://www.googletagmanager.com https://cdn.ckeditor.com https://code.jquery.com https://cdnjs.cloudflare.com 'nonce-hjXeC58QFhaLnvVcwZVTHeN9jgmefU1714PjSucRKkU=';
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Caching Headers
1 headers
Cache-Control
Caching
no-store
Content Headers
1 headers
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
incap_ses_1607_2970142=bgpHHA64fBa/KuvQhTZNFp/XRmkAAAAA4SABLmsBRaH5QXGW0CRV4g==; path=/; Secure; SameSite=None
Other Headers
4 headers
Date
Other
Sat, 20 Dec 2025 17:06:39 GMT
Request-Context
Other
appId=cid-v1:36e5dfe7-8b96-4fea-b874-25a3264cd8bb
X-Cdn
Other
Imperva
X-Iinfo
Other
56-71049951-71049955 NNNN CT(82 168 0) RT(1766250399543 5) q(0 0 3 1) r(4 4) U12
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 879ms