HTTP Headers Analysis for https://reconise.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Caching Headers

3 headers

Age

Caching

44661

Cache-Control

Caching

public,max-age=0,must-revalidate

Etag

Caching

"d86c75fd0a2d3a56f83eb96f72b99c1e-ssl"

Content Headers

2 headers

Content-Length

Content

35790

Content-Type

Content

text/html; charset=UTF-8

Server Headers

1 headers

Server

Netlify

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

4 headers

Cache-Status

Other

"Netlify Edge"; hit

Date

Other

Mon, 12 Jan 2026 03:23:19 GMT

Link

Other

</webpack-runtime-ce6485864e1dc5c2860a.js>; rel=preload; as=script, </framework-e17f231015c167337437.js>; rel=preload; as=script, </commons-32392eaa27a85ba4e78b.js>; rel=preload; as=script, </app-322aa85032a3681110d2.js>; rel=preload; as=script, </styles-2d82ac8e3afc0c213061.js>; rel=preload; as=script, </component---src-templates-page-index-js-5809377f240fa7699d1a.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin

X-Nf-Request-Id

Other

01KER3NGVKBJFG2C21DVDHNMBV

Recommendations

Enable compression (gzip/brotli) to improve performance