Vai al contenuto
D1
IT
EnglishРусскийEspañolFrançaisPortuguêsDeutschItalianoPolski

Audit risposta web

github.com HTTP headers

SEO page with a cached HTTP response header and security signals check.

Check another URL

Risultati

Status

200

Final URL

https://github.com

Accept-Ranges

bytes

Cache-Control

max-age=0, private, must-revalidate

Content-Language

en-US

Content-Security-Policy

default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net productionresultssa1.blob.core.windows.net productionresultssa2.blob.core.windows.net productionresultssa3.blob.core.windows.net productionresultssa4.blob.core.windows.net productionresultssa5.blob.core.windows.net productionresultssa6.blob.core.windows.net productionresultssa7.blob.core.windows.net productionresultssa8.blob.core.windows.net productionresultssa9.blob.core.windows.net productionresultssa10.blob.core.windows.net productionresultssa11.blob.core.windows.net productionresultssa12.blob.core.windows.net productionresultssa13.blob.core.windows.net productionresultssa14.blob.core.windows.net productionresultssa15.blob.core.windows.net productionresultssa16.blob.core.windows.net productionresultssa17.blob.core.windows.net productionresultssa18.blob.core.windows.net productionresultssa19.blob.core.windows.net github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com edge.fullstory.com rs.fullstory.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com www.youtube-nocookie.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com user-images.githubusercontent.com private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com explore-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com images.ctfassets.net/8aevphvgewt8/; manifest-src 'self'; media-src github.com user-images.githubusercontent.com secured-user-images.githubusercontent.com private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com assets.ctfassets.net/8aevphvgewt8/ videos.ctfassets.net/8aevphvgewt8/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/

Content-Type

text/html; charset=utf-8

Date

Sat, 13 Jun 2026 09:00:37 GMT

Etag

W/"b014418140bcb15559d241d87f9ed544"

Referrer-Policy

origin-when-cross-origin, strict-origin-when-cross-origin

Server

github.com

Set-Cookie

_gh_sess=aLIf%2Fx8bTsQ%2BVNYR51OluWFmZ9XdLksx1j%2BkO555faj1aUo6OsuaARqtmuyLqTNmNAKshs%2BuulM3zrC5WwKAI4aEimrwg52UdmWBzONtH99m3V3SOYJDBW%2FsYG8ZV1BNHYOWSlBM1mqyRePpJWvVy4cJ2OCd7HTg9XWazZ32T%2Ft1AeTjTwFvznhq1lktZczW8DkyeJLiNgniebrQ1cWS7cC7z0ag2vDbSoBy%2FKlQN2PtqTquOitt3jAVTCjmUGuUPkycyB8TkXVlPQMd8GlOCw%3D%3D--xrsbHmdqy6U%2F8T8p--rY1w7NywOaIV1auJcuESmw%3D%3D; path=/; HttpOnly; secure; SameSite=Lax, _octo=GH1.1.1878655621.1781341244; expires=Sun, 13 Jun 2027 09:00:44 GMT; domain=.github.com; path=/; secure; SameSite=Lax, logged_in=no; expires=Sun, 13 Jun 2027 09:00:44 GMT; domain=.github.com; path=/; HttpOnly; secure; SameSite=Lax

Strict-Transport-Security

max-age=31536000; includeSubdomains; preload

Vary

X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Accept-Language, Sec-Fetch-Site,Accept-Encoding, Accept, X-Requested-With

X-Content-Type-Options

nosniff

X-Frame-Options

deny

X-Github-Request-Id

CECA:1943D0:13E82D62:1009381D:6A2D1C3C

X-Xss-Protection

0

Cambio strumento

Continua con un altro controllo

Stesso obiettivo (github.com) — apri lo strumento successivo senza riscrivere.

Catalogo completo strumenti

Note di studio

Articoli correlati

Guide brevi per le ricerche più comuni su Controllo intestazioni HTTP. Scritte come appunti di laboratorio, senza marketing.

Torna a Controllo intestazioni HTTP