HTTP Headers: gsa.gov
Security score: 60/100
🛡️ Security Headers
| Header | Status |
|---|---|
| Strict-Transport-Security | ✅ Present |
| Content-Security-Policy | ❌ Missing |
| X-Content-Type-Options | ✅ Present |
| X-Frame-Options | ✅ Present |
| X-XSS-Protection | ❌ Missing |
📋 All Response Headers
Age Cache-Control Connection Content-Encoding Content-Language Content-Type Date ETag Expires Last-Modified Public-Key-Pins Referrer-Policy Server Strict-Transport-Security Vary Via X-Amz-Cf-Id X-Amz-Cf-Pop X-Cache X-Content-Type-Options X-Drupal-Cache X-Drupal-Cache-Contexts X-Drupal-Cache-Max-Age X-Drupal-Cache-Tags X-Drupal-Dynamic-Cache X-Frame-Options X-Generator X-UA-Compatible
🔧 More Tools for Gsa