Open
Cached
·
just now
22
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
X-Bin,X-Forwarded-Proto, Accept-Encoding, Cookie
accept-ranges: bytes connection: close vary: X-Bin,X-Forwarded-Proto, Accept-Encoding, Cookie
Caching Headers
Age
3140
Cache-Control
max-age=86400, public
Etag
W/"1777066032"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Fri, 24 Apr 2026 21:27:12 GMT
age: 3140 cache-control: max-age=86400, public etag: W/"1777066032" expires: Sun, 19 Nov 1978 05:00:00 GMT last-modified: Fri, 24 Apr 2026 21:27:12 GMT
Content Headers
Content-Language
en
Content-Length
231240
Content-Type
text/html; charset=UTF-8
content-language: en content-length: 231240 content-type: text/html; charset=UTF-8
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Mon, 27 Apr 2026 11:17:55 GMT
Via
apache 10.172.21.218, varnish 10.172.26.89, 1.1 varnish (Varnish/6.6)
X-Adv-Varnish
Cache-enabled
X-Cacheable
Yes
X-Drupal-Cache
HIT
X-Forwarded-Proto
https
X-Grace
10
X-Ttl
604800
X-Varnish
107624365 103501053
date: Mon, 27 Apr 2026 11:17:55 GMT via: apache 10.172.21.218, varnish 10.172.26.89, 1.1 varnish (Varnish/6.6) x-adv-varnish: Cache-enabled x-cacheable: Yes x-drupal-cache: HIT x-forwarded-proto: https x-grace: 10 x-ttl: 604800 x-varnish: 107624365 103501053
Recommendations
Enable compression (gzip/brotli) to improve performance