HTTP Headers report for dot.gov.in

Header Name	Header Data
HTTP status code	200
Etag	"1746281208-0-gzip"
Set-Cookie	TS0138eb86=017986078a5ae21deb5dbf61e402cf507d23b98ccb1592e04d461df62ac38b1376604e768cf6e2412530ced28bae239d02757c2d11; Path=/; Domain=.dot.gov.in; Secure; HTTPOnly
Vary	Cookie,Accept-Encoding
Access-Control-Allow-Origin	https://dot.gov.in
Content-Type	text/html; charset=utf-8
Date	Sat, 03 May 2025 16:20:55 GMT
Content-Language	en
Last-Modified	Sat, 03 May 2025 14:06:48 GMT
Permissions-Policy	geolocation=(), camera=(), microphone=()
Expires	Sun, 19 Nov 1978 05:00:00 GMT
X-Firefox-Spdy	h2
Access-Control-Allow-Methods	GET, POST, HEAD
X-Xss-Protection	1; mode=block
Access-Control-Allow-Headers	accept, content-type, X-Requested-With, X-Prototype-Version, X-CSRF-Token, authorization
X-Drupal-Cache	HIT
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security	max-age=31536000; includeSubDomains
Referrer-Policy	same-origin
Content-Security-Policy	frame-src 'self';frame-ancestors 'self';font-src 'self';form-action 'self';img-src data: 'self' https://analytics.wrc.nic.in https://cbpssubscriber.mygov.in ; script-src 'self' 'nonce-IvIRzwrP6-wYYmD7JHP0UU4fWs82kSrhj7W4nDVSO9o' https://ajax.googleapis.com/ https://analytics.wrc.nic.in
Access-Control-Allow-Credentials	true
X-Content-Type-Options	nosniff
X-Ua-Compatible	IE=edge
Link	<https://dot.gov.in/>; rel="canonical",<https://dot.gov.in/>; rel="shortlink"
Cache-Control	public, max-age=600

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar