HTTP Headers for nbc.com

Score
I

Recommendations

Missing Header	Description
Strict-Transport-Security	Enforces secure (HTTP over SSL/TLS) connections to the server.
Content-Security-Policy	Helps prevent Cross-Site Scripting (XSS) attacks.
X-Content-Type-Options	Prevents browsers from MIME-sniffing a response away from the declared content-type.
Referrer-Policy	Controls how much referrer information should be included with requests.
Permissions-Policy	Manages which browser features and APIs a page can use.
X-XSS-Protection	Helps protect against Cross-Site Scripting (XSS) attacks.
Expect-CT	Ensures that browsers enforce Certificate Transparency.
Cache-Control	Directs caching mechanisms on how to handle the response.

Header Name	Value
Server	AkamaiGHost
Content-Length	0
Location	https://www.nbc.com/
Date	Fri, 26 Jul 2024 00:55:44 GMT
Connection	keep-alive
Akamai-Request-BC	[a=104.114.76.174,b=812015177,c=g,n=US_CA_SANJOSE,o=20940]
X-Frame-Options	SAMEORIGIN
Akamai-Cache-Status	Redirect from child
Akamai-GRN	0.ae4c7268.1721955344.30665e49
Access-Control-Allow-Origin	*
Server-Timing	ak_p; desc="1721955344423_1752321198_812015177_12_7534_153_0_-";dur=1
content-type	text/html
x-powered-by	generetic-1.232.10
last-modified	Fri, 26 Jul 2024 00:54:18 GMT
etag	W/"fc4ed-dNfJtD01iN9TdfDGEuAunePCAE4"
mpulse_cdn_cache	MISS
mpulse_origin_time	611
cache-control	public, max-age=208
date	Fri, 26 Jul 2024 01:31:44 GMT
alt-svc	h3=":443"; ma=93600
akamai-request-bc	[a=23.53.42.15,b=153217886,c=g,n=DE_HE_FRANKFURT,o=20940]
x-frame-options	SAMEORIGIN
vary	User-Agent
strict-transport-security	max-age=86400
akamai-cache-status	Error from child
akamai-grn	0.0f2a3517.1721957504.921eb5e
access-control-allow-origin	*
server-timing	ak_p; desc="1721957504511_389360143_153217886_22_4419_7_12_15";dur=1
server	AkamaiGHost
mime-version	1.0
content-length	361
expires	Fri, 26 Jul 2024 01:31:44 GMT