Open
Cached
·
just now
19
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15552000
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Vary
accept-encoding
connection: close vary: accept-encoding
Caching Headers
No caching headers found
Content Headers
Content-Length
0
content-length: 0
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
Access-Control-Allow-Methods
GET,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Max-Age
86400
access-control-allow-methods: GET,OPTIONS access-control-allow-origin: * access-control-expose-headers: access-control-max-age: 86400
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=86400
Cf-Ray
9f58d2f46a4d0606-IAD
Date
Sat, 02 May 2026 17:42:42 GMT
Nel
Report-To Group
cf-nel
max-age: 1w
success: 0.0%
Report-To
alt-svc: h3=":443"; ma=86400
cf-ray: 9f58d2f46a4d0606-IAD
date: Sat, 02 May 2026 17:42:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lK6iTFnvs1%2BWr031XPxXa8yPWnh5Bh9OcvFpbFpcgqdDDhCSh%2Foad6rWzjcJzGCYngxSZQ3yo%2BEiAYzSdEryQbXD4hg0jqp1qZhyYJF%2F9SJsuBMwsEE327TBdEyF7h4UeSiuSF2q"}]}
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching