Cached · just now
22 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=300
Content-Security-Policy
Weak
upgrade-insecure-requests Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Significantly strengthen CSP directives
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges
Performance
bytes
Connection
Performance
close
Vary
Performance
Accept-Encoding

Caching Headers

Age
Caching
425
Cache-Control
Caching
max-age=60, stale-while-revalidate=600, stale-if-error=86400, public
Etag
Caching
"d68268e3c33b7caa59d1d30076ac3ead"
Last-Modified
Caching
Mon, 02 Feb 2026 17:14:55 GMT

Content Headers

Content-Length
Content
6675
Content-Type
Content
text/html

Server Headers

Server
Server
cat factory 1.0

CORS Headers

Access-Control-Allow-Credentials
Cors
false
Access-Control-Allow-Origin
Cors
https://imgur.com

Cookies Headers

Set-Cookie
Cookies

Other Headers

Date
Other
Thu, 19 Feb 2026 08:46:45 GMT
Reporting-Endpoints
Other
default="https://chrome-reporting-server-qiu4epv3ia-uc.a.run.app/report"
X-Cache
Other
MISS, HIT
X-Cache-Hits
Other
0, 0
X-Served-By
Other
cache-nyc-kteb1890075-NYC, cache-nyc-kteb1890043-NYC
X-Timer
Other
S1771490805.330924,VS0,VE1

Recommendations

Enable compression (gzip/brotli) to improve performance