Open
Cached
·
just now
39
Headers
Detected Technologies from Headers
Gravatar
Cloudflare NEL Monitoring
Google AdSense
Google Tag Manager
G2
Amplitude
Kinsta
XING
Reddit
Active incidents
HubSpot Forms
Cookiebot
Megaphone
Google DoubleClick
Google Analytics
Microsoft Advertising
Google Conversion Tracking
ClearBit
Cloudflare CDN
Greenhouse
Outbrain
Oktopost
Google API JS Client
Leadfeeder
Hotjar
LinkedIn
Contentsquare
HubSpot Analytics
Google Search
Demandbase
Active incidents
Facebook
Matomo
HubSpot
Microsoft Clarity
HubSpot Live Chat
Sentry
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
payment=(self), geolocation=(self), microphone=(self); +6 more
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Age
57109
Cache-Control
public, max-age=0, s-maxage=604800
Last-Modified
Fri, 08 May 2026 16:09:04 GMT
age: 57109 cache-control: public, max-age=0, s-maxage=604800 last-modified: Fri, 08 May 2026 16:09:04 GMT
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
Access-Control-Allow-Headers
Content-Type, Authorization, Content-Type, X-CSRF-TOKEN
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Access-Control-Allow-Origin
https://manager.sosafe.de
access-control-allow-headers: Content-Type, Authorization, Content-Type, X-CSRF-TOKEN access-control-allow-methods: GET,PUT,POST,DELETE access-control-allow-origin: https://manager.sosafe.de
Cookies Headers
Other Headers
Cf-Cache-Status
DYNAMIC
Cf-Ray
9f8f2c559d50817e-IAD
Cross-Origin-Embedder-Policy-Report-Only
require-corp; report-to="default"
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="default"
Date
Sat, 09 May 2026 08:00:54 GMT
Feature-Policy
payment 'self'; geolocation 'self'; microphone 'self'; camera 'self'; display-capture 'self'; fullscreen 'self'
Ki-Cache-Tag
dab499d8-58dc-4173-96ff-dc16d831a990,3243e2acec3086f6e4069324050ac8f5774922411b64adf0de84b7a9424a9c90
Ki-Cache-Type
Edge
Ki-Cf-Cache-Status
HIT
Ki-Edge
v=27.1.1;mv=99.9.9
Ki-Edge-O2o
yes
Ki-Origin
g1p
Nel
Report-To Group
cf-nel
max-age: 1w
success: 1.0%
Report-To
Strict-Dynamic
https: 'self'; default-src 'self'
X-Edge-Location-Klb
1
X-Kinsta-Cache
HIT
X-Permitted-Cross-Domain-Policies
none
cf-cache-status: DYNAMIC
cf-ray: 9f8f2c559d50817e-IAD
cross-origin-embedder-policy-report-only: require-corp; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
date: Sat, 09 May 2026 08:00:54 GMT
feature-policy: payment 'self'; geolocation 'self'; microphone 'self'; camera 'self'; display-capture 'self'; fullscreen 'self'
ki-cache-tag: dab499d8-58dc-4173-96ff-dc16d831a990,3243e2acec3086f6e4069324050ac8f5774922411b64adf0de84b7a9424a9c90
ki-cache-type: Edge
ki-cf-cache-status: HIT
ki-edge: v=27.1.1;mv=99.9.9
ki-edge-o2o: yes
ki-origin: g1p
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxvvkhYgsq8LXb99RSL%2FPpsdTWErUpuVK1imVbmfZJv6jdhbVMLnls7r3hoqiNGR0M8kZqV2%2FkfIB4eb8mLJOpqAoLFzz2QbkwATiYei6q%2FmE0BtjFcMTezGXhlamHUwuTzwQLJi"}],"group":"cf-nel","max_age":604800}
strict-dynamic: https: 'self'; default-src 'self'
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-permitted-cross-domain-policies: none
Recommendations
Enable compression (gzip/brotli) to improve performance