Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
connection: close transfer-encoding: chunked
Caching Headers
Cache-Control
max-age=0, private, must-revalidate
Etag
W/"c82309923c54b829229280790001c1b9"
cache-control: max-age=0, private, must-revalidate etag: W/"c82309923c54b829229280790001c1b9"
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
Apple
X-Runtime
0.009580
server: Apple x-runtime: 0.009580
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Thu, 09 Apr 2026 04:49:43 GMT
Link
URL
/packs/js/rss-aae5eb19654ca3e4927b.js
rel=preload
as=script
nopush
URL
/assets/application-4f531ddb2ff33386d206a5e6aa6d85aa9f369c4ef104b50b890da963ce297fed.css
rel=preload
as=style
nopush
URL
/packs/js/application-95007978df0568a3b48e.js
rel=preload
as=script
nopush
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
7f44f99b-0fc3-4238-986e-54f6a13bac42
date: Thu, 09 Apr 2026 04:49:43 GMT link: </packs/js/rss-aae5eb19654ca3e4927b.js>; rel=preload; as=script; nopush,</assets/application-4f531ddb2ff33386d206a5e6aa6d85aa9f369c4ef104b50b890da963ce297fed.css>; rel=preload; as=style; nopush,</packs/js/application-95007978df0568a3b48e.js>; rel=preload; as=script; nopush x-download-options: noopen x-permitted-cross-domain-policies: none x-request-id: 7f44f99b-0fc3-4238-986e-54f6a13bac42
Recommendations
Enable compression (gzip/brotli) to improve performance