HTTP Headers Analysis for https://py.pl

Detected Technologies from Headers

See all in URL Inspect 2

PayPal

Varnish

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=63072000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; script-src; img-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding

accept-ranges: bytes
connection: close
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store, must-revalidate

Etag

Caching

W/"e63-lKjLRoidBjd7k535r2/kz+7K5Mw"

cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"e63-lKjLRoidBjd7k535r2/kz+7K5Mw"

Content Headers

Content-Length

Content

3683

Content-Type

Content

text/html; charset=utf-8

content-length: 3683
content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

Access-Control-Expose-Headers

Cors

Server-Timing

access-control-expose-headers: Server-Timing

Cookies Headers

Set-Cookie

Cookies

set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Thu, 06 May 2027 05:57:09 GMT; Secure; SameSite=None
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 06 May 2026 14:43:05 GMT; HttpOnly; Secure; SameSite=None
tsrce=unpshorturlnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sat, 09 May 2026 05:57:08 GMT; HttpOnly; Secure; SameSite=None
x-pp-s=eyJ0IjoiMTc3ODA0NzAyOTA3NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
tsrce=unpshorturlnodeweb; Domain=.paypal.com; Path=/; Expires=Sat, 09 May 2026 05:57:09 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3ARh5_GJStntML2XkHNaQCJifwSfgGP8jY.shP%2BwSCk%2FzUEKUZuAeP1TSHwe6yefKh3TXpyA40LMLI; Path=/; HttpOnly; Secure

Other Headers

Date

Other

Wed, 06 May 2026 05:57:09 GMT

Dc

Other

ccg11-origin-www-1.paypal.com

Paypal-Debug-Id

Other

f405948bb7e30

Server-Timing

Other

traceparent;desc="00-0000000000000000000f405948bb7e30-9b29ad1e817828c7-01",content-encoding,x-cdn;desc="fastly"

Via

Other

1.1 varnish, 1.1 varnish, 1.1 varnish

X-Cache

Other

MISS, MISS, MISS, MISS

X-Cache-Hits

Other

0, 0, 0, 0

X-Served-By

Other

cache-pdk-katl1840023-PDK, cache-pdk-katl1840084-PDK

X-Timer

Other

S1778047029.940810,VS0,VE196

date: Wed, 06 May 2026 05:57:09 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f405948bb7e30
server-timing: traceparent;desc="00-0000000000000000000f405948bb7e30-9b29ad1e817828c7-01",content-encoding,x-cdn;desc="fastly"
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0
x-served-by: cache-pdk-katl1840023-PDK, cache-pdk-katl1840084-PDK
x-timer: S1778047029.940810,VS0,VE196

Recommendations

Enable compression (gzip/brotli) to improve performance