HTTP Headers Analyzer
7 / 10
https://fashionwriteforus.com/
Website → LiteSpeed → Browser6 missing headers, 1 warnings, 0 notices
Header
Value
Explanation
x-powered-by
php/8.2.28
Some of the software used to generate or serve this page.
Warning Sharing too many details about a server or web application makes it easier for hackers to target a website. Avoid specific version numbers such as 8.2.28, especially when running software that is end-of-life and/or has known security bugs. Consider removing this header. At a miminum, remove any version number.
Warning Sharing too many details about a server or web application makes it easier for hackers to target a website. Avoid specific version numbers such as 8.2.28, especially when running software that is end-of-life and/or has known security bugs. Consider removing this header. At a miminum, remove any version number.
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
Instructs a browser to selectively allow or deny certain browser APIs and features. It helps improve security.
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
e7c_home,e7c_url.6666cd76f96956469e7be39d750cc7d9,e7c_f,e7c_
date
sat, 24 jan 2026 18:07:06 gmt
The date and time at which the request was made. A browser uses it for age calculations rather than using its own internal date and time; e.g. when comparing against
Max-Age or Expires.server
litespeed
platform
hostinger
Some of the software used to generate or serve this page.
panel
hpanel
retry-after
60
The
Retry-After header indicates how long the user agent should wait before making a follow-up request. It's commonly used with 503 (Service Unavailable) responses or for rate limiting. The value can be either a number of seconds to wait or an HTTP-date after which to retry. This header helps in managing traffic and server load by instructing clients when to retry their requests.content-security-policy
upgrade-insecure-requests
The Content Security Policy (CSP) header helps prevent cross-site scripting (XSS), clickjacking, and other code injection attacks by specifying which dynamic resources are allowed to load.
upgrade-insecure-requests instructs browsers to replace insecure URLs (HTTP) with secure URLs (HTTPS).strict-transport-security
missing Add a
Strict-Transport-Security header. The Strict-Transport-Security header or HSTS header is used to instruct browsers to only use HTTPS, instead of using HTTP. It helps enforce secure communication.referrer-policy
missing Add a
Referrer-Policy header. When a visitor navigates from one page to another, browsers often pass along referrer information. The Referrer-Policy header controls how much referrer information a browser can share. This is important to configure when private information is embedded in the path or query string and passed onto an external destination.cross-origin-embedder-policy
missing Add a
Cross-Origin-Embedder-Policy to specify how this page can be loaded by cross-origin resources.cross-origin-opener-policy
missing Add a
Cross-Origin-Opener-Policy header to opt-in into better browser isolation.cross-origin-resource-policy
missing Add a
Cross-Origin-Resource-Policy header to specify who can load this page.x-permitted-cross-domain-policies
missing Add a
X-Permitted-Cross-Domain-Policies header to prevent Flash, Adobe Reader and other clients from sharing data across domains.Questions or feedback? Email dries@buytaert.net.