HTTP Headers Analysis for https://www.conductor.com

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin-when-cross-origin

Permissions-Policy

Present

accelerometer=(self "https://iframe.videodelivery.net"), autoplay=(self "https://iframe.videodelivery.net"), bluetooth=(), camera=(), encrypted-media=(self "https://iframe.videodelivery.net" "https://www.youtube.com" "https://player.videmo.com"), fullscreen=(self "https://iframe.videodelivery.net" "https://www.youtube.com" "https://player.videmo.com"), geolocation=(), gyroscope=(self "https://iframe.videodelivery.net" "https://www.youtube.com" "https://player.videmo.com"), microphone=(), payment=(), picture-in-picture=(self "https://iframe.videodelivery.net" "https://www.youtube.com" "https://player.videmo.com"), usb=()

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

3 headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

accept-encoding

Caching Headers

2 headers

Age

Caching

731

Cache-Control

Caching

public, max-age=0, must-revalidate

Content Headers

2 headers

Content-Disposition

Content

inline

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

cloudflare

CORS Headers

1 headers

Access-Control-Allow-Origin

Cors

*

Cookies Headers

1 headers

Set-Cookie

Cookies

__cf_bm=NS5_vLeK.8ilWg7QQT7KOFyqJdURBDo8yBLBo0NDTZI-1769733816.5615704-1.0.1.1-NVxzXlmRLexdEL.Pat8PMe7StdLijB85bTDCAciOYauC3PtcDhXHZHQm6_czhwFF8k_y.CpJgNedor110AjoO7Exz6ellVG0fdW11UU_f8j3Yb_Thti8lYxpNyD.zG9J; HttpOnly; Secure; Path=/; Domain=conductor.com; Expires=Fri, 30 Jan 2026 01:13:36 GMT

Other Headers

9 headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9c5cefa18cd69d2e-IAD

Date

Other

Fri, 30 Jan 2026 00:43:36 GMT

X-Matched-Path

Other

/en

X-Nextjs-Prerender

Other

1

X-Nextjs-Stale-Time

Other

300

X-Vercel-Cache

Other

HIT

X-Vercel-Id

Other

iad1::qpj7x-1769733816575-e2b81c7b7bb9

Recommendations

Enable compression (gzip/brotli) to improve performance