HTTP Headers Analysis for https://verywellmind.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000

Content-Security-Policy

Weak

frame-ancestors; upgrade-insecure-requests

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers

Connection

Performance

keep-alive

Transfer-Encoding

Performance

chunked

Caching Headers

2 headers

Cache-Control

Caching

max-age=1800, private

Expires

Caching

Thu, 01 Jan 1970 00:00:00 GMT

Content Headers

1 headers

Content-Type

Content

text/html;charset=utf-8

Server Headers

1 headers

Server

cloudflare

CORS Headers

0 headers

No CORS headers found

Cookies Headers

1 headers

Set-Cookie

Cookies

_cfuvid=FYmKPCotP1ImbvC7vikmOglzLe2uL9RHrJe_r8X2iKQ-1763287264246-0.0.1.1-604800000; path=/; domain=.verywellmind.com; HttpOnly; Secure; SameSite=None

Other Headers

10 headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

99f625193f42177b-IAD

Date

Other

Sun, 16 Nov 2025 10:01:04 GMT

Link

Other

<//www.verywellmind.com/static/8.125.0/cache/eNqVVVG2oyAM3dBwWMT8ziYipJh5SDwE7bzdD1CrtuVp-yPJ9d4ASQAtCRIZPUBIHrUR0QXBX_r1Bw3gUI0eDPbsLcYWacBIliBoChb_rYz6Cyg8AD0POOaYWxy2k0fRhoeRA4YkOgJ5NZNFrpJqHfE7kGUbRoGVbb6NkmG9_3Vf_ca4knWYxx7J9el3D8HhH5KEAWMTbE3jPHfgMx1sVYFt8wLM5DLIQcsXjcpT-Nqsg8ieHdfPSdTL5L2YiBhURp_cE20X87pNnIZO9nZLdeE4lFIES0WqBCGa_gX4WepKJsHfhY9uSyZoSmDRCZyoxXtwTnZXqSUnd-OMH6dcb1sLI49eS9l5NplnSYwHyidjZx7wDY_fsfTYZjXZU0pl87XZa47UDTrZxN9pWJpstQ6a7MKc8sJvw7s89VNX3god8CoeUyHOEz65b8-xyc76f1lTLdreObgB9oeSDeU2LG1SU726Z4d50zU0h1NaThakV1OgGaMsUZpo81xURJWrdbtkKyqqg7hZZzsYOfnaiKv1_nRDfgDUqlMFb2EH56AOt-9B2uqrVCvj6PJBNtZVSH5SalaekfeD5cvdp_5b5btuZnlyT5IMfuyhw0xYyvwMnOhdfm-r7m58sOxsqMTsZWe-L-cpqjHyQPJgfzh_xJnwqjqGaF-RD4PBNWtkb_8HVmprug.min.css>; rel=preload; as=style; nopush, <//www.googletagmanager.com/gtm.js?id=GTM-5P3SZGS>; rel=preload; as=script; nopush, <//www.googletagmanager.com/gtag/js?id=G-JZ3Y3DDMPK&l=dataLayer&cx=c>; rel=preload; as=script; nopush, <//securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script; nopush, <//www.verywellmind.com/static/fonts/merriweather-v11-latin-regular.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin; nopush, <//www.verywellmind.com/static/fonts/FSAlbertWeb-ExtraBold.woff>; rel=preload; as=font; type="font/woff"; crossorigin; nopush, <//www.verywellmind.com/static/8.125.0/cache/eNp9klFugzAMhi-0iDtsmvZUqdq4QAgGXEKMYkPVnn4J2lRAhodESb4_fxzbBYsVdMVgg3goblxItA7eiu25o2GkAEG48PZBk2TljY3rwPV78S2Lng_GJyQFhQbbvcRjxVsdBoHI4AQpaIZka6gV4Ih6BFbIJOhRdNYEc4ZrGk55zlGPoT0VzRBqioV0kSQdHdiAsTUfMnefFTakhaki2H6klLfX9cQ6sF6648BWlXQcm2XSnrCPSgt5tC2YGeF-4tvKsFTGo-vNf6o0r6niqXoBqicPS1t8l-95HKHFMy0-Z1j_fqWy9V_jGTvidqcE8nG5aiZKDtcvXEAiOi5zMBBVzbS0s2k8UdxvtQs_nvT_fF3LPDQkNrYguRnZNuCRRVOx2_bZi0RIWZyg3NdpVdB0MyvbUX4B2geRsQ.min.js>; rel=preload; as=script; nopush; group=top, <//www.verywellmind.com/static/8.125.0/cache/eNqlU0FywyAM_FAZHtFrPyEbGdTKIgXhNH19ZWeSpiR1Dz0hrbRi2RG-KiiNfgZRRv9a_WyBW0CIGVwdS2Z-8j-7xjwfsqBo9SSKRYB9wAnLyt-CgqEnMQ11rb--NyynvmqFpsSkhNUNjVjdkTS5rtvaxlqmHp5zaIz1VpiWDwfTZCNB0SnEiKVHmeTNFTwW0rN2489YRtzr2zEDP85m0OeZs733Dvz3AGcWQzOHDtwiyZ0LxmH4PDkIO1cFipSTjWI4YejSHd6RQkQ7E1JM-pxAIr5QVRSz8BF4nXUzJHIebGcSQthY6_GoT2ChaGAWPzVm20ZEcYZ26W-7NnDOIeUm4cG-LSghFw9N83olo-IjDVMu87oZEmgV4ipCGdMd8Ds1ri4AX4g_0yvtInlpOyoEj9V02j446-vSvV86Q9zeHGn6w2fgQ4IBrcE0rk73wB_8WChsvEtw90JcHM6kt1_pu2TjCL8AElXCCw.min.js>; rel=preload; as=script; nopush; group=bottom

Nel

Other

{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0,"include_subdomains":true}

Report-To

Other

{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://rjs.3gl.net/hawklogserver/566/re.p"}]}

X-Abt-Application-Version

Other

8.125.0

X-Connection-Protocol

Other

HTTP/1.1