HTTP Headers: thoughtbot.com

Security score: 40/100

🛡️ Security Headers

Header	Status
Strict-Transport-Security	❌ Missing
Content-Security-Policy	❌ Missing
X-Content-Type-Options	✅ Present
X-Frame-Options	✅ Present
X-XSS-Protection	❌ Missing

📋 All Response Headers

Accept-Ranges
Age
Connection
Content-Length
Content-Type
Date
Vary
Via
X-Cache
X-Cache-Hits
X-Served-By
X-Timer
cache-control
content-encoding
etag
referrer-policy
server
strict-transport-security
x-content-type-options
x-download-options
x-envoy-upstream-service-time
x-frame-options
x-permitted-cross-domain-policies
x-request-id
x-runtime
x-xss-protection

🔧 More Tools for Thoughtbot

📊 Full Analysis 📋 WHOIS Lookup 🌐 DNS Records 🔒 SSL Certificate ⬆️ Uptime Status 📑 Full Report