Open
Cached
·
just now
27
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=63072000; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
no-referrer, same-origin, strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
keep-alive
Vary
Performance
accept-encoding
Caching Headers
4 headers
Cache-Control
Caching
public, max-age=3600
Etag
Caching
"12c6b7c8ccdd6b1f3a59034e369ca807"
Expires
Caching
Wed, 05 Nov 2025 13:54:42 GMT
Last-Modified
Caching
Wed, 09 Oct 2019 05:20:11 GMT
Content Headers
3 headers
Content-Language
Content
en
Content-Length
Content
34
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
1 headers
Access-Control-Allow-Origin
Cors
*
Cookies Headers
0 headers
No cookies headers found
Other Headers
10 headers
Cf-Cache-Status
Other
HIT
Cf-Ray
Other
999cbaca4fc99db4-IAD
Date
Other
Wed, 05 Nov 2025 13:34:37 GMT
X-Goog-Generation
Other
1570598411763307
X-Goog-Hash
Other
md5=Esa3yMzdax86WQNONpyoBw==
X-Goog-Metageneration
Other
1
X-Goog-Storage-Class
Other
MULTI_REGIONAL
X-Goog-Stored-Content-Encoding
Other
identity
X-Goog-Stored-Content-Length
Other
34
X-Guploader-Uploadid
Other
AOCedOHw0zU5fDb3C4c3ZpArKTEvqEg6EF9_mzdmPox_m3wRiAi4biT5VgkVla0gj5jAPrul5doWhtA
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 163ms