HTTP Headers Analysis for https://www.gauthmath.com

Detected Technologies from Headers

See all in URL Inspect 17

Akamai Active incidents

Bing

Facebook

Gauthmath

Google Analytics

Google Conversion Tracking

Google DoubleClick

Google Search

Google Static File Front End

Google Tag Manager

Microsoft Clarity

Nginx

TikTok

TikTok Analytics

YouTube

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

report-uri; report-to; upgrade-insecure-requests; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store

Expires

Caching

Fri, 01 May 2026 11:33:23 GMT

Pragma

Caching

no-cache

cache-control: max-age=0, no-cache, no-store
expires: Fri, 01 May 2026 11:33:23 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

nginx

X-Powered-By

Server

Goofy Node

server: nginx
x-powered-by: Goofy Node

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
app_region=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_continent=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_subdivision=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
_city=us; Max-Age=259200000; Domain=.gauthmath.com; Path=/
device_id=7634885035418600974; Domain=.gauthmath.com; Path=/; Expires=Thu, 30 Jul 2026 11:33:22 GMT
ttwid=1%7CrklDMrqmkrv8pfjfGLj4Q_azOdEcLQMyAmDNVMLefrQ%7C1777635202%7Cd9de14aba5c181bf48a8eae6c1986396159112e4adaebd76cf386274adff53a9; Domain=.gauthmath.com; Path=/; Expires=Thu, 30 Jul 2026 11:33:22 GMT

Other Headers

Date

Other

Fri, 01 May 2026 11:33:23 GMT

Reporting-Endpoints

Other

csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"

Server-Timing

Other

inner; dur=316,bd-edenx-server-loader-(region$)/layout; dur=0.999927, bd-edenx-server-loader-layout; dur=10.999918, bd-edenx-server-loader-(region$)/page; dur=160.000086, bd-edenx-server-loader;decs="SSR"; dur=161.000014, bd-edenx-ssr-render-html;decs="SSR"; dur=59.999942, bd-edenx-server-handle-request; dur=299.000024, cdn-cache; desc=MISS, edge; dur=1, origin; dur=320

X-Akamai-Request-Id

Other

128d46b3

X-Bytefaas-Enable-Stream

Other

true

X-Bytefaas-Execution-Duration

Other

301.67

X-Bytefaas-Request-Id

Other

20260501113322874062A386CDA41D68CA

X-Cache

Other

TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0.1-8a6cb9ae5b7c562eeba48faa6e795939) (-)

X-Ggw-Config-Version

Other

432059

X-Gw-Dst-Psm

Other

ehi.fe.portal_web_ttp_gs

X-Modernjs-Render

Other

server

X-Origin-Response-Time

Other

321,23.220.104.79

X-Processed-By

Other

Modern.js

X-Tt-Logid

Other

20260501113322874062A386CDA41D68CA

X-Tt-Trace-Host

Other

01909035afc97fd961fefd89852449503928b028c2aa21297311c715b2fce173be1b52b1b21190c89f37a1847bffc236305e08fbd50ab8be78f0475007bad9ecac2e7473a4bcb5f2ed9587788a9cff89a13fe1fe824916807f2e73b265420e2ea6

X-Tt-Trace-Id

Other

00-260501113322874062A386CDA41D68CA-7EBB387644EF601F-00

X-Tt-Trace-Tag

Other

id=16;cdn-cache=hit;type=dyn

date: Fri, 01 May 2026 11:33:23 GMT
reporting-endpoints: csp-endpoint="https://mon.gauthai-us.com/monitor_browser/collect/batch/security/?bid=EHI_H5&ev_type=csp&p=jMJf6k1GY6BA4KbmDVSsTh&v=3&s=657&b=oab"
server-timing: inner; dur=316,bd-edenx-server-loader-(region$)/layout; dur=0.999927, bd-edenx-server-loader-layout; dur=10.999918, bd-edenx-server-loader-(region$)/page; dur=160.000086, bd-edenx-server-loader;decs="SSR"; dur=161.000014, bd-edenx-ssr-render-html;decs="SSR"; dur=59.999942, bd-edenx-server-handle-request; dur=299.000024, cdn-cache; desc=MISS, edge; dur=1, origin; dur=320
x-akamai-request-id: 128d46b3
x-bytefaas-enable-stream: true
x-bytefaas-execution-duration: 301.67
x-bytefaas-request-id: 20260501113322874062A386CDA41D68CA
x-cache: TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0.1-8a6cb9ae5b7c562eeba48faa6e795939) (-)
x-ggw-config-version: 432059
x-gw-dst-psm: ehi.fe.portal_web_ttp_gs
x-modernjs-render: server
x-origin-response-time: 321,23.220.104.79
x-processed-by: Modern.js
x-tt-logid: 20260501113322874062A386CDA41D68CA
x-tt-trace-host: 01909035afc97fd961fefd89852449503928b028c2aa21297311c715b2fce173be1b52b1b21190c89f37a1847bffc236305e08fbd50ab8be78f0475007bad9ecac2e7473a4bcb5f2ed9587788a9cff89a13fe1fe824916807f2e73b265420e2ea6
x-tt-trace-id: 00-260501113322874062A386CDA41D68CA-7EBB387644EF601F-00
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology