HTTP Headers Analysis for https://virtconf.apereo.org

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Basic

base-uri; object-src; report-uri; +3 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

none

Transfer-Encoding

Performance

chunked

Vary

Performance

Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding

Caching Headers

3 headers

Cache-Control

Caching

no-cache, no-store, max-age=0, must-revalidate

Expires

Caching

Mon, 01 Jan 1990 00:00:00 GMT

Pragma

Caching

no-cache

Content Headers

1 headers

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

ESF

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

3 headers

Date

Other

Tue, 04 Nov 2025 14:13:23 GMT

Document-Policy

Other

include-js-call-stacks-in-crash-reports

Reporting-Endpoints

Other

default="/web-reports?jobset=prod&bl=editors.sites-viewer-frontend_20251029.02_p0&app=25&clss=1&context=eJwN0H9czHccB_Cv730-76zi-qkrqeuO1CKnPSjVueq6SjbzYHYneyzUIaVapfycemDGNg-MTczi1KN0jsjI8Fhoj0fxsAkP1haNklw_Tq1UZrXXH8_H4_V6_fmy73AsGasXLA56YaGbXvgInPfpBT8YOawXxhfrBWbSC26gOa8X9C16YTXc7NIL9-FTT4OQCf2TDALzMQjrJxuEnZCiMwi5UAC7IDzokTACNO2R4AOaZ31iPKgKB8QwsBUNiIOwMX1QLIKGyCGxEa6qh8Q6eG0cEkegfM-QeBZW3hoW10KmMCrmw5D3qChMGhX7N4yKb-G9xRJJBGiKJJJ4WPRcIkmCDbZwVggzBiJYKIiHI5k9XD4dya5DQpiaLYSzk-eyS5Cnj2JboDcxmg3D9u5o9hX8tTmGtUKNOYbVgtoSw3RwKFvLjkFKvpalg1ilZfZw6ryWnYM5F7UsGjL9Ylk-DAbp2CiErdWxKJjymY5Nhx3tOvY1GGbFseXQ8FMca4KDe-NZKVRADZjSE1gltLrMY53QbJfI2qBgcQnfBo3mEv4U_rhUwv-Gxn-O8yaImWjiiSD_0MQDYEXzSZ4GW20n-U64sqaU34TKjFJ-Hm61lvJ7IDtXxuVgt7mcS2HcznLuDp6-FdwPApZWcBXE7K7gibDIWsmT4NQCMz8HT1PN_CVcqzDzXyE0yMI10Fhr4U2Qk3KGbwLrujO8D45YrNwE9fWd_C4YNF18OSy70cVT4Lahm98H6dFu7gGS547kAFXScVQD_jXjKBge1Y2nFsgPkdLn8EGJlJZAe5kT9cCeT5zpAJg7nKka1lidKRvsVC4khTEKV3oHqkNd6QpEhblSAsxe4UpzIeSxG4WDwwJ3coUXX7iTDbaZJtAumNo8gWbADykeVAr2GR7kAm8ykbM8aLdcRvth9SwZvTTKqBcuWGR0FYYaZCTcktGWE560Ax6YPKkZCvZ40TZ4Y_Mi8ZUXHRv0ojI4mDmRiqFt30TqgkPR3nQEliV603LIv-xNn0OL2Yfq__ShO_Cy2Yd6IMDmQypY0utDSXBxmS_9ssqX6sB6wZf6YL6dnBZDdagcX8ipM01OPTVyeg2bT_rRdoi1-dH7kDFDQXkwO15BEeC-XkGTIP24gnLh2h0F3QDH3xTkDIPwFip-V5AFvhlR0CEwzVRSJfwXqSSuVlKVRkk10JWmpH54tVFJAyD8rKSxkPRASSshUe9Pi6DV4E-doF46lXTw5McAaoWH7QH0BGqkgVQLbc6B1AVNroH0FP51CySJeyB9_zCcyqFRiKDb5gi6D8NOkTQC5gWRVA2jgprsxqgpwkFN8yH7OzVtgOYDc6kNjBINrQX7KRpygeZpUdQGtdoougvKuigKgnXaaFoPTYejqcgaTbthf5yWimGCUUsy6M3Q0jA4FaGDTRJLoxBxL5a08KQnltqhv0pHb8E1JY5kcGJrHK0ujKMs6M6LpwFQnI6nd6HPEk9v4NvgBDoKsbMTaB5shMstCXQdkjueUSoUJrfRl2A_3EYukFPYTpvA6vGC-qCy6wXlmzro2GMrlYH_pR5ycRy7_WBFPTntayjeK3qxj9OMBYppxtS0vKyc3ODctDxj7vR8bMac6atysjLzjJmpySGqkFkzVSFzglUhydmq_wGj5E9E&build-label=editors.sites-viewer-frontend_20251029.02_p0&imp-sid=COe6s_rW2JADFV6ILQkd8acoJw&is-cached-offline=false"

Recommendations

Enable compression (gzip/brotli) to improve performance