HTTP Headers Analysis for https://analytics.easypost.com

Detected Technologies from Headers

See all in URL Inspect 1

Nginx

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Basic

object-src; script-src; base-uri; +1 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Accept-Encoding

connection: close
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

no-store, must-revalidate

Expires

Caching

0

cache-control: no-store, must-revalidate
expires: 0

Content Headers

Content-Length

Content

795390

Content-Type

Content

text/html;charset=utf-8

content-length: 795390
content-type: text/html;charset=utf-8

Server Headers

Server

nginx

server: nginx

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: XSRF-TOKEN=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; samesite=none
CSRF-TOKEN=adsE4I-Q4EHn-9dhHW4N9ek353D_EqrJiwTGVJjD8J8; path=/; secure; samesite=none
rack.session=BAh7CEkiD3Nlc3Npb25faWQGOgZFVG86HVJhY2s6OlNlc3Npb246OlNlc3Npb25JZAY6D0BwdWJsaWNfaWRJIkU5YjA2MDQzODM2MDlhNmEyYWUyOWJiMGRiODY5ODMwMTkwNmE4NjQ3ZTc4Y2Y5YTBmZDk3MGVjMjI0ZDIxMDUzBjsARkkiD2NzcmYudG9rZW4GOwBUSSIwYWRzRTRJLVE0RUhuLTlkaEhXNE45ZWszNTNEX0Vxckppd1RHVkpqRDhKOAY7AEZJIg5fX0ZMQVNIX18GOwBGewA%3D--b8dec8c215eefa93403d509f88c789d66fbc9911; path=/; expires=Sun, 07 Jun 2026 16:31:58 GMT; httponly; secure; samesite=none

Other Headers

Date

Other

Fri, 08 May 2026 16:31:58 GMT

P3p

Other

CP="This is not a P3P policy!"

Server-Timing

Other

server_latency;dur=120.66799999999999

Traceparent

Other

00-229b9429b7973be3dcb541213aac4324-6d353f57be30a20f-00

X-Ua-Compatible

Other

IE=edge,chrome=1

date: Fri, 08 May 2026 16:31:58 GMT
p3p: CP="This is not a P3P policy!"
server-timing: server_latency;dur=120.66799999999999
traceparent: 00-229b9429b7973be3dcb541213aac4324-6d353f57be30a20f-00
x-ua-compatible: IE=edge,chrome=1

Recommendations

Enable compression (gzip/brotli) to improve performance