HTTP Headers Analysis for https://shop.hedera.com

Detected Technologies from Headers

See all in URL Inspect 3

Cloudflare NEL Monitoring

Cloudflare CDN

Shopify

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=7889238

Content-Security-Policy

Weak

block-all-mixed-content; frame-ancestors; upgrade-insecure-requests Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

accept-encoding

connection: close
transfer-encoding: chunked
vary: accept-encoding

Caching Headers

Etag

Caching

W/"page_cache:4684120133:IndexController:023bf4e8333525f64cb5b8cd77aac603"

etag: W/"page_cache:4684120133:IndexController:023bf4e8333525f64cb5b8cd77aac603"

Content Headers

Content-Language

Content

en-US

Content-Type

Content

text/html; charset=utf-8

content-language: en-US
content-type: text/html; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: localization=US; path=/; expires=Tue, 18 May 2027 09:41:47 GMT; SameSite=Lax
cart_currency=USD; path=/; expires=Mon, 01 Jun 2026 09:41:47 GMT; SameSite=Lax
_shopify_y=c2966b5a-098c-49d8-96fe-e39b8cfced31; domain=hedera.com; path=/; expires=Tue, 18 May 2027 15:41:47 GMT; SameSite=Lax
_shopify_s=8cec4419-0670-4c1f-a463-2a3622ff1e28; domain=hedera.com; path=/; expires=Mon, 18 May 2026 10:11:47 GMT; SameSite=Lax
_shopify_essential=:AZ46dok1AAEAbM17QV7t5_aDsfGriA3aEnZcTVILC4n3t3aZ_nhHCYzVkfYkOO08N9lYJdIBeEDrpTE0Djm0vJQuFRVBylGiE3brEswOJV5kPNxU64N-FxhPqQe-RdTO-DaTNE9QX9lVXGv5syH8uuT2a-0TzXUU6RKNM8xR6Q7pne75K5eAvuaF2VjNrJL8M5oz8T0nCS1w4EVMN6UIH9pHZVDwEAaj7GKMJVf8Hviw46bSfrJIAXu5MHI2Ysgvhq6g_hxeS87EiK65MhA0B9YQpl6NZT8s0009fGfMny3vKM6uc8qjLzSoyWTZod9tBMXLQhXoeqQcA3MgdwWq2J3d:; Max-Age=31536000; Path=/; HttpOnly; Secure; Priority=High; SameSite=Lax
_shopify_analytics=:AZ46doo9AAEA6UY8QLSgrphM-GRs6aGpOJ3J8ssSYsFoGvJdP9s91HVueu75Mj_9MJZjRqCsnMMso9FwZ6aBevXzPUiFcnSIfCTw0w:; Max-Age=31536000; Path=/; HttpOnly; Secure; Priority=High; SameSite=Lax
_shopify_marketing=:AZ46doo9AAEA1ZHMvpoaiLyvoZEdJn83xBDyRAk_Sm1k54SvedM8VeMfyW0mJs394l3QLfS4bFAlO-iYFJJB920BUA:; Max-Age=31536000; Path=/; HttpOnly; Secure; Priority=High; SameSite=Lax

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9fd9e87b3a23d6b5-IAD

Date

Other

Mon, 18 May 2026 09:41:47 GMT

Link

Other

URL

https://cdn.shopify.com

rel=preconnect

URL

https://cdn.shopify.com

rel=preconnect crossorigin

URL //shop.hedera.com/cdn/shop/t/6/assets/component-localization-form.css?v=143319823105703127341698426178

as=style rel=preload

URL //shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=600

as=image rel=preload imagesrcset=//shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=180 180w, //shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=270 270w, //shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=360 360w imagesizes=(max-width: 360px) 50vw, 180px

Nel

Other

Report-To Group cf-nel max-age: 1w

success: 1.0%

Powered-By

Other

Shopify

Report-To

Other

Group cf-nel max-age: 1w

Endpoint 1 https://a.nel.cloudflare.com/report/v4?s=2fvxPcnLcMUw0c5Aul%2BAKKyXBsKt%2B57xUey2Ohe7SGKDcocbWw6dCBvYrMmso6AWP4kNLcU0wjk8UbtJpfXqlR3W3YJXmzX7C4qcpcoVmQVwA9c5m29NE0NO9O1AWtCQ5w%3D%3D

Server-Timing

Other

processing;dur=288;desc="gc:10", db;dur=63, db_async;dur=14.835, parse;dur=1, render;dur=98, asn;desc="212238", edge;desc="IAD", country;desc="US", theme;desc="137317843185", pageType;desc="index", servedBy;desc="xsxh", requestID;desc="59524ecd-8c66-431e-b9e6-0324d91cd8e2-1779097307", _y;desc="c2966b5a-098c-49d8-96fe-e39b8cfced31", _s;desc="8cec4419-0670-4c1f-a463-2a3622ff1e28", _cmp;desc="3.AMPS_USVA_f_f_2ACVrK1wRUGA27WsMvf*1Q", compressionLevel;desc="5", compressionTime;dur=9.462

Shopify-Complexity-Score

Other

2850

Shopify-Complexity-Score-V2

Other

285

X-Dc

Other

gcp-us-east1,gcp-us-east1,gcp-us-east1

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

59524ecd-8c66-431e-b9e6-0324d91cd8e2-1779097307

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9fd9e87b3a23d6b5-IAD
date: Mon, 18 May 2026 09:41:47 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin, <//shop.hedera.com/cdn/shop/t/6/assets/component-localization-form.css?v=143319823105703127341698426178>; as="style"; rel="preload", <//shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=600>; as="image"; rel="preload"; imagesrcset="//shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=180 180w, //shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=270 270w, //shop.hedera.com/cdn/shop/files/HederaOao_Logo_Lockup_BLACK.png?v=1637194840&width=360 360w"; imagesizes="(max-width: 360px) 50vw, 180px"
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
powered-by: Shopify
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2fvxPcnLcMUw0c5Aul%2BAKKyXBsKt%2B57xUey2Ohe7SGKDcocbWw6dCBvYrMmso6AWP4kNLcU0wjk8UbtJpfXqlR3W3YJXmzX7C4qcpcoVmQVwA9c5m29NE0NO9O1AWtCQ5w%3D%3D"}]}
server-timing: processing;dur=288;desc="gc:10", db;dur=63, db_async;dur=14.835, parse;dur=1, render;dur=98, asn;desc="212238", edge;desc="IAD", country;desc="US", theme;desc="137317843185", pageType;desc="index", servedBy;desc="xsxh", requestID;desc="59524ecd-8c66-431e-b9e6-0324d91cd8e2-1779097307", _y;desc="c2966b5a-098c-49d8-96fe-e39b8cfced31", _s;desc="8cec4419-0670-4c1f-a463-2a3622ff1e28", _cmp;desc="3.AMPS_USVA_f_f_2ACVrK1wRUGA27WsMvf*1Q", compressionLevel;desc="5", compressionTime;dur=9.462
shopify-complexity-score: 2850
shopify-complexity-score-v2: 285
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 59524ecd-8c66-431e-b9e6-0324d91cd8e2-1779097307

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching